Outsourcing is a business practice where an organisation transfers the responsibility to perform a service or function usually conducted by the organisation, to a third-party provider. Outsourcing can take the form of engaging non-government organisations to provide a function, joint ventures and public private partnerships.
When entering into an outsourcing arrangement a contract is drawn up outlining the terms and conditions of the business relationship. For a government organisation entering into an arrangement with a contractor this means imposing conditions on the third-party provider to comply with the same legislation that the government organisation must comply with.
In the case of information management this is covered by s.33 of the State Records Act 2000 (the Act) which states that any State record created or captured as part of a contractual arrangement remains under the control of the organisation and is subject to that organisation’s Recordkeeping Plan.
Considerations for contracts
What is a record?
Defining what is meant by the term ‘record’ is important in order to clarify for the third-party provider what records will need to be kept and to make sure there are no ownership issues during the contract, and when the contract is complete
For example, the Department of Finance definition is:
Record means information of any kind, including originals and copies of all accounts, financial statements, books, files, reports, correspondence, documents and other materials created for, relating to, or used in connection with the supply of the products and/or services, whether or not containing confidential information, and however such records and information are held, stored or recorded.
What records will be created?
The organisation must certify that the third-party provider keeps accurate and complete records in respect of the outsourced function. Outsourcing a business function does not diminish an organisation’s responsibility to require that tasks are carried out correctly and accountably.
The types of records that must be made to satisfy accountability and performance measurement requirements may need to be specified in a schedule to the third-party provider. In the case of digital information, the formats may also need to be specified to allow for the return of records to the organisation’s business information systems at the end of the contract.
Ownership clauses
Organisations must ensure that the ownership of records created by a third-party provider is addressed. The issue of ownership extends not only to records of the organisation that may be acquired by the third-party provider, but also to records created by the third-party provider in relation to the outsourced function.
Records must remain the property of the organisation regardless of any sub-contracting by, or change of ownership of the third-party provider.
Agreement must also be made on the ownership of intellectual property and the use of information by the third-party provider for commercial profit or other purposes.
Retention and disposal of records
Organisations must ensure that records are disposed of in accordance with a retention and disposal authority approved by the State Records Commission and that third parties do not illegally dispose of any records.
How will the organisation have access to records?
Agreement must be reached between the organisation and the third-party provider concerning the provision of access to records. Failure to negotiate issues beforehand may make it difficult for the organisation to access their own documents in a timely and efficient manner.
Organisations must be able to provide the public with the same level of access to information, as they did before outsourcing, and to carry on their business activities without any restrictions.
Confidential information
Except to the extent that the third-party provider is required by law to retain any records, the third-party provider must return all records containing the contract authority’s and the organisation’s confidential information immediately at the expiration or termination of the contract or as agreed in the contract.
Contract completion
Failure to plan for the completion of a contract may result in loss of information and increased risk of exposure to legal liabilities for both the organisation and the third-party provider. An organisation must ensure that any records required for business continuity are returned as agreed in the contract.
Remember to liaise with you Legal Team when entering into any outsourcing arrangements.
More information on contracts can be found on the Goods and Services Templates, Guides and Conditions of Contract on the Department of Finance website.
Sample Information Management Clauses for Contracts
Show moreTo protect your organisation’s information assets, consider adapting the following clauses when drafting a contract with contractors.
1. The contractor will create and receive records in the format and as specified in Schedule X to meet the <Organisation> legislative, business and accountability requirements.
2. In accordance with the State Records Act 2000, records detailed in Schedule X are a government-owned asset. The intellectual property created or collected by the contractor under this contract is vested in the <Organisation>.
3. The contractor will:
- transfer all records detailed in Schedule X to the <Organisation> on a <weekly/monthly/bimonthly/quarterly/annual> basis for ongoing management in accordance with the <Organisation’s> Record Keeping Plan; OR,
- maintain a record keeping system that meets the minimum compliance requirements to the satisfaction of the <Organisation>. The contractor will transfer all records detailed in Schedule X to the <Organisation > at the completion of the contract for ongoing management in accordance with the <Organisation’s> Information Management Plan.
4. The <Organisation> will be granted unlimited access to all records detailed in Schedule X while in the custody of the contractor. The contractor will be granted unlimited access to all records transferred to the <Organisation> under 3 above for the term of this contract.
5. Access to the records detailed in Schedule X by the contractor after the completion of the contract will be in accordance with the Freedom of Information Act 1992 and <Organisation> policy.
6. Members of the public may be permitted to access the records detailed in Schedule X in accordance with the Freedom of Information Act 1992 and <Organisation> policy.
7. The contractor must not dispose of any records detailed in Schedule X without prior authorisation of the <Organisation>.
Resources
Local Government Records Manager’s Group