Records management obligations for NSW Government entities 03: Are Board documents and communications State records?

By Dr Ashley Tsacalos, Elizabeth Forbes, Ethan Tindall and Gabrielle Shina
27 May 2021
Record management obligations under the State Records Act 1998 (NSW) for Board members of any NSW Government Entity extend to any electronic communications such as emails, texts or WhatsApp messages related to their functions.

Related Knowledge

A NSW Government Entity will often be required by its governing legislation to have a Board, whose functions, as specified in its governing legislation, may differ from one Entity to another but will often include setting strategy and policy, as well as oversight of the financial and overall performance of the Entity.

Whatever the precise nature of their individual functions, Board members should be mindful that any documents and other records used for official functions are likely to be captured by the record management regime under the State Records Act 1998 (NSW). These obligations certainly include Board papers and meeting minutes, which will need to be retained and properly stored, but can also go beyond these. They should take particular care before deleting any Board-related electronic communications such as emails, texts or WhatsApp messages: even when received on a personal phone, email or device!

This article builds on the principles outlined in our first and second articles in this series on the obligations for NSW Government entities under the Act. The focus of this article is obligations relating to "State records" that apply to Board members. In particular, it will explore:

  • Is a Board a "public office" and therefore subject to record protection and management obligations under the Act?
  • What Board documents amount to "State records"?
  • What are the obligations for Board members under the Act?

Failure to grasp these obligations can be an expensive exercise, with possible penalties including a fine of up to 50 penalty units (currently, $5,500) if a person abandons, disposes, damages, alters or transfers ownership of a "State record" without the permission or approval of the State Archives and Records Authority of New South Wales.

Is a Board a "public office" and therefore subject to record protection and management obligations under the State Records Act?

A Board satisfies the definition of "public office" if it:

  • exercises a function of a "branch of the Government of the State"; and
  • is a body established for a public purpose that is responsible for the oversight and operation of a NSW Government entity.

The Chief Executive of each "public office" is responsible for ensuring compliance with the Act's requirements. If a Board is responsible for appointing the Entity's Chief Executive, that Chief Executive is likely to be accountable to the Board in the exercise of their functions, and the obligations of an Entity and its Board are likely to be inextricably linked. However, this will depend on the governing legislation of each Entity as Chief Executives (or Heads of an Entity) are not always appointed by the Board and may be directly appointed by, for example, a Minister.

If both the Board and Entity are "public offices", they will separately have obligations under the Act. However, the Entity and its Board should be treated as a single "public office" for the purposes of complying with the Act (and for reasons of practicality and efficiency).

What Board documents amount to "State records"?

The definition of "State record" and "record" are very broad, so a large number of records will fall within the ambit of the Act.

From a pragmatic perspective, any document (including emails, text messages and other forms of electronic communications), will constitute a "State record" if that record is created or received:

  • in the course of the exercise of an official function of a "public office";
  • for any purpose of a "public office"; or
  • for the use of a "public office".

It follows that any record that is made or received by a Board or any Board member, in relation to any of the functions of the Board, will constitute a "State record". Some examples of the types of records that would be considered a "State record" include:

  • electronic communications (such as emails or text messages) sent or received by Board members, regardless of whether they involve private email addresses or private telephone numbers or are sent or received using personal devices (ie. non-Entity owned devices);
  • communications sent using encrypted messaging platforms such as WhatsApp and Signal;
  • briefing papers, meeting minutes or notes taken during (or after) a Board meeting;
  • advice, background research or other documents which are used in the course of the Board's decision making;
  • draft documents which are created by the Board or Board members (including those that are stored electronically); and
  • written correspondence or communications created or received by the Board or any of its members as related to Board matters.

Board members may use their own private email addresses or telephone numbers when they carry out their responsibilities. In this case, Board members should be aware that the use of private email, personal computers and/or personal mobile phones will not prevent a record (such as an email, text message or WhatsApp message) from falling within the scope of the broad definition of "State record" and, therefore, the obligations under the Act extend to these records.

What are the obligations for Board members under the State Records Act?

The obligations of a "public office" to protect and manage "State records" under its control, in summary, require that a "public office", including a Board:

  • ensure the safe custody and proper preservation of the "State records" that are in its control;
  • ensure that arrangements are in place for the safe keeping, proper preservation and return of those "State records" that are in its control, but in the possession or custody of another; and
  • take reasonable steps to recover a "State record" that belongs to it, but that is not in its possession or custody (unless it is lawfully in the possession or custody of that other person).

"Manage" means a "public office" (ie. a Board) must:

  • make and keep full and accurate records of the activities of the "public office";
  • establish and maintain a records management program in accordance with "standards and codes of best practice";
  • make arrangements with the Authority for monitoring of the records management program; and
  • report to the Authority on the implementation of the records management program.

To comply with section 12 of the Act, a Board must ensure that it (and its members) retain full and accurate records of any activities relating to its functions. Boards should also prepare a "records management program" identifying how it will adhere to the standards and codes of practice approved by the Authority.

Unless authorised under the Act, Boards must comply with certain "protection measures", including that a person must not:

  • abandon or dispose of a State record;
  • transfer or offer to transfer, or be a party to arrangements for the transfer of a State record;
  • take or send a State record out of NSW;
  • damage or alter a State record; or
  • neglect a State record in any way that causes or is likely to cause it damage.

The records management obligations, including retention requirements as well as how records can be disposed of, are specified in the "Retention and Disposal Authorities" approved by the Authority.

Making sure your Board complies with its obligations under the State Records Act

It is prudent for Boards (and Entities) to undertake an assessment of whether they are currently compliant with their obligations as a "public office".

If they are not currently compliant, they should prepare a plan for achieving compliance including, for example, by:

  • adopting practices that aid compliance such as ensuring communications relating to Board functions are conducted via official email addresses (rather than individual email accounts); and
  • establishing Board "secretariat" email addresses within the existing email system of the Entity to capture all emails in relation to the Board functions.

They should then:

  • prepare a records management program in accordance with the Act;
  • establish a reporting program with the Authority in accordance with the Act; and
  • implement governance measures and a training regime to support compliance with the Act.

Get in touch

Clayton Utz communications are intended to provide commentary and general information. They should not be relied upon as legal advice. Formal legal advice should be sought in particular transactions or on matters of interest arising from this communication. Persons listed may not be admitted in all States and Territories.