Topic 3: Records Management Legislation Study Notes

Foundations of Records Management Legislation

  • Definition and Scope: Effective records management involves more than just organization; it requires the management of classified information in compliance with legal and regulatory frameworks. This is essential to protect national interests, organizational integrity, and individual rights.

  • Universal Requirement: Governments globally require records and archives legislation for compliance. This ensures records are managed for posterity and historical purposes.

  • Risks of Absence: The absence of guiding legislation for custodians, creators, and users of records poses significant risks. Legislation is a cornerstone of an accountable and effective government.

  • Core Objectives of Legislation:

    • Ensuring better management of records throughout their entire existence.

    • Promoting efficiency and accountability within organizations through improved recordkeeping.

    • Providing protection for vital records and national heritage.

    • Mandating the creation and retention of full and accurate records.

    • Ensuring records management programs align with established standards and codes of best practice.

    • Guaranteeing safe custody and proper preservation.

    • Promoting compliance, transparency, and accountability.

    • Maintaining the accessibility of printed, digital, and technology-dependent records.

Records Classification and Legal Compliance

  • System Function: Classification systems assign sensitivity levels based on the potential impact of disclosure. Legislation provides the legal framework for managing these records throughout their lifecycle.

  • Protective Measures: Proper management ensures protection against unauthorized access, misuse, or premature destruction, safeguarding national interests and privacy rights.

  • Classified Records Definition: Official documents or materials deemed sensitive to national security, foreign relations, or defense, restricted from public access by law.

  • Categorization: Records are formally marked as Restricted, Confidential, Secret, or Top Secret. Access is limited to authorized individuals with proper security clearance.

Protection Levels of Classified Records (Public Sector)

  • TOP SECRET:

    • Explanation: Information that, if disclosed, could cause "exceptionally grave damage" to national security.

    • Handling Requirements: Strict handling via a "Classified Document Register" (CDR), storage in approved locked facilities, and specialized monitoring of access.

    • Examples: Cabinet of Ministers papers on major political/economic policies; armed forces deployment plans for war; correspondence with foreign governments on trade/defense; complete intelligence organization details.

  • SECRET:

    • Explanation: High-level classification where unauthorized disclosure is anticipated to cause serious injury or damage to national security, international relations, or critical infrastructure.

    • Examples: Instructions for Malaysian representatives in foreign consultations; information on military installations; data regarding subversive organizations.

  • CONFIDENTIAL:

    • Explanation: Moderate level of sensitivity. Disclosure could harm public administration, compromise privacy, or undermine trust, but does not present a severe national security risk.

    • Examples: Civil servant personnel files (disciplinary/appraisal); internal audit reports; policy drafts before release; citizen data (tax/land records).

  • RESTRICTED:

    • Explanation: Limited internal use; unauthorized disclosure results in minor impact.

    • Examples: Internal memos; routine operational documents; draft documents.

  • PUBLIC:

    • Explanation: Open access with no damage upon disclosure.

    • Examples: Published reports; public announcements; open data.

Classified Records in Private Organizations

  • Strategic Control: Classification safeguards valuable information assets based on sensitivity and business value. It reinforces competitiveness, business continuity, and profitability.

  • Protection Levels:

    • Highly Confidential / Top Secret: Critical trade secrets where disclosure causes severe financial or strategic loss.

    • Confidential: Sensitive internal info that may harm operations or reputation.

    • Internal Use: Routine internal data restricted to employees.

    • Public: Information approved for external release.

  • Types of Sensitive Private Records: Strategic/policy documents, marketing/competitive intelligence, Intellectual Property (IP), and financial records.

National Archives Act 20032003 (Act 629629)

  • Mandate: An Act providing for the creation, acquisition, custody, preservation, use, and management of public archives and records. Enacted on 10.10.200310.10.2003 via PU (A) 300/2003300/2003.

  • Section 44 - Establishment of National Archives: Declares the National Archives of Malaysia as a federal archive to provide guidelines for storage, preservation, and research facilities.

  • Section 55 - Appointment of Director General: The Yang di-Pertuan Agong appoints a Director General to carry out the powers and functions of the Act.

  • Section 77 - Functions of the Director General:

    • Examine records in public offices to identify those of national or historical value.

    • Advise on creation, maintenance, and disposal of records.

    • Preserve records in the custody of the National Archives.

    • Acquire records of enduring national/historical value.

    • Establish and operate record centres and limbo record centres.

    • Authorize the destruction or disposal of public records.

    • Establish agency record centres and advise on records management programs.

    • Provide training for public records and archives administration.

    • Prepare finding aids and determine access/usage policies.

    • Identify and copy vital records needed for reconstruction during/after emergencies.

    • Authenticate copies of public archives and gather historical information.

  • Section 2525 - Prohibition Against Destruction: No person shall destroy or authorize destruction of public records without prior written consent from the Director General. Offence penalty: fine not exceeding RM 5,000.005,000.00 or imprisonment for up to 11 year, or both.

  • Section 2626 - Disposal of Public Records: Disposal is authorized if records lack national/historical value, are no longer needed for reference, have met an agreed expiration period, or if their physical condition prevents preservation.

  • Section 2727 - Records Disposal Schedule (JPR): Requirement to prepare and submit a schedule in the prescribed form to the Director General for approval.

  • Section 2828 - Transfer of Public Records: Administrative heads must transfer public records to the National Archives.

  • Section 3131 - Acquisition of Non-Public Records: The Director General may acquire records not created by government agencies if they possess enduring national/historical value.

  • Section 3333 & 3434 - Record Centres: Establishment of Record Centres for processing records and Limbo Record Centres for semi-current records pending disposal.

  • Section 3535 - Return of Public Records: The Director General is not required to return any public record whose condition does not warrant removal from National Archive control.

Personal Data Protection Act 20102010 (Act 709709)

  • Purpose: Regulates the collection, use, and safeguarding of personal data in commercial transactions in Malaysia.

  • Administration: Overseen by the Department of Personal Data Protection and the Personal Data Protection Commissioner.

  • Compliance: Violations (unauthorized disclosure, processing without registration) are criminal offences.

  • 20242024 Amendments (Effective 20252025): Fines can reach RM 11 million and imprisonment up to 33 years.

Safety Instructions (Arahan Keselamatan) and Circulars

  • Safety Instructions: Defines Document Security as control over secret and official documents to prevent unauthorized exposure.

  • General Circular Letter No. 11 Year 19931993: Regulations for facsimile machine usage in government offices to ensure document security during transmission.

  • General Circular Letter No. 11 Year 20032003: Collection and preservation of private letters of government servants at the National Archives.

  • Service Circulars Bill. 55 Year 20072007 (Office Management Guide):

    • Part VI: Government mail affairs (preparation, registration, classified mail management).

    • Part VII: File management (classification, encoding, disposal).

    • Part VIII: Public records maintenance and disposal (Head of Department responsibilities, Record Disposal Schedules, Disaster Action Plans).

  • Treasury Circular No. 44 of 20072007 (AP 150150): Amends the retention periods for financial records.

  • Retention Periods (AP 150150 Appendix M):

    • 2020 years: Ledgers and Special Records (e.g., Public Debt Office Loan Registers).

    • 77 years: Main Accounting Ledgers, Cash Books, and Payment Vouchers with contracts (Electronic System).

    • 44 years: Electronic hardcopy payment vouchers; other payment vouchers (Manual System).

    • 33 years: Collector's Statements and official receipt duplicates.

    • 11 year: Daily Cash Books, Postage Books.

Technical Standards and Directives

  • IT Directive (MAMPU - 20072007): Information technology instructions for government modernization and management planning.

  • P.U. (A) 377377 National Archives Regulations (20082008): Determination of forms for the disposal of public records.

  • Malaysian Standard (MS 2223:20092223: 2009): Guide for managing records in public or private organizations; used for audits and compliance.

  • MS ISO 154891:202015489-1:2020: Information and documentation — Records management — Concepts and principles.

  • General Circular Letter No. 11 Year 20132013: Unification of letterhead format for Federal Ministries, Departments, and Agencies.

  • General Circular Letter No. 44 of 20152015: Transfer of official publications/issues to the National Archives of Malaysia.

Regulatory Hierarchy of Records Management

  1. Act / Law: Highest level (e.g., National Archives Act 20032003).

  2. Circular / Regulations: (e.g., Services Circular / Pekeliling Perkhidmatan).

  3. Direction: (e.g., ICT Sektor Awam Policy).

  4. Standard: (e.g., Malaysian Standard MS 2223:20092223:2009).

  5. Guidelines / Procedure: (e.g., Guidelines for managing Public Sector Electronic Mail).