It was a solitary email that became pivotal to a Royal Commission and a Parliamentary Inquiry; two investigations that have had significant implications for government recordkeeping in South Australia and continue to resonate today.

The email in question was sent to a ministerial chief of staff on 2 December 2010 and provided information relating to an incident that had occurred at a school the day before. Through investigations that followed it became evident that the recipient had saved the message externally to the Outlook email client and that the original email was, at some point in time, subsequently deleted.  The computer hard disk was also forensically wiped, as was the practice when ministerial reshuffles occurred. A forensic inquiry uncovered metadata that showed that the message had been forwarded on but was not able to determine to whom it was forwarded.

This detail became critical to the Royal Commission into the South Australian (SA) Department for Education and Child Development’s (DECD) handling of an abuse case at a government school. Concerns raised in that Inquiry have influenced recordkeeping in SA at both DECD and State Records of SA.

Although the case at the centre of the investigation raised many issues from a records and information management perspective, we must not lose sight of the fact that this is a very human story, one based on the suffering of an innocent.  So while I may refer to positive outcomes, it is with an understanding that the outcomes pale into insignificance when compared to the suffering individuals have endured through this tragedy.  My hope is that government collectively learns from this and other similar examples so that we can lessen the impact should something similar occur.

Firstly, it is important to understand something unique about the role of the office of State Records in SA.  Unlike other Australian jurisdictions, as the archival and records management authority in SA, State Records also has a responsibility for other related functions. Of particular importance in this case is State Records’ role in supporting the Minister responsible for the administration of the SA Government’s administrative scheme for privacy – the Information Privacy Principles Instruction (IPPI).  Unlike most other jurisdictions SA does not yet have information privacy legislation.

On 1 November 2012 the State Government of SA appointed former Supreme Court Justice Bruce Debelle to conduct an independent review (the Inquiry) into the events and circumstances surrounding the arrest and later conviction of an employee of an Out of School Hours Care Service at a metropolitan school on charges of sexual assault committed against a child in their care.

The Terms of Reference of the Inquiry were as follows: 

To undertake an independent review in relation to the events and circumstances surrounding the non-disclosure to the school community of allegations of sexual assault committed by an employee of the Out of School Hours Care (OSHC) Service at the school against a child in [the individuals] care in 2010.

The review should consider the actions of all relevant agencies and make recommendations relating to the actions of parties involved and the procedures and processes that should be in place in these circumstances.

Following concerns raised by former Justice Debelle, he was further invested with the powers of a Royal Commissioner on 10 December 2012.  Former Justice Debelle submitted his final report in June 2013.

The Inquiry’s final report detailed a wide range of issues and recommendations, including matters relating to record keeping, privacy and information sharing.  Of particular note was the management of emails within the Minister’s Office and the sanitisation of ICT assets. 

Continued questioning by the opposition and community also led to the appointment of a Parliamentary Select Committee with the express purpose to report on “any matter raised by the Debelle Inquiry related to incident and records management, including compliance with legislation and policy”.

The incident

To provide some insight as to how the arrest and conviction of a person led to a Royal Commission which in turn made recommendations of a records management nature it is important to understand some of the key aspects of the incident.

On the evening of Wednesday 1 December 2010 a child who had been in the care of the OSHC service earlier that afternoon told their mother about an incident that took place at the OSHC earlier that day.

Police attended the house that evening and later informed the school’s principal.   Police returned to the house the following day and interviewed the child. At 1.00pm on the day following the incident the OSHC worker was arrested, charged and released under strict bail conditions.

It is not necessary for the purposes of this article to discuss in detail the incident or the response from DECD and the school – former Justice Debelle’s final report adequately covers both and is available at http://www.decd.sa.gov.au/educationinquiry/pages/default/edinquiry/?reFl....

It is important to note, however, that on advice from the DECD the school gave nothing more than cursory information to parents over the coming days, weeks and months, so that by the time the individual appeared before court in August 2011 many staff and families connected to the school knew nothing of the incident. On 9 February 2012 the OSHC worker was sentenced to imprisonment for 6 years.

As details of the case emerged through the media parents at the school became increasingly frustrated and angry at the limited information being provided by the school and DECD.  This led to an Ombudsman’s investigation and questions being asked in Parliament on 30 October 2012.

When asked about why the school had not informed parents, the then Minister for Education responded that “the school did not send information to the community about this incident – on the advice of SAPOL”.

SA Police (SAPOL) did not agree with the Minister’s assertion and that same evening published a media release to that effect.

The dispute between SAPOL and DECD caused the Minister for Education to establish the Inquiry.

Management of government records

Former Justice Debelle raises concerns of a records management nature on a number of occasions throughout his report. 

One criticism was the lack of a “central file” within DECD that incorporated all aspects of the incident and subsequent follow up.  On many occasions he makes remarks such as “yet another example of the problems resulting from the fact that there was no central file“.  The problems associated with this include individuals not having all of the information they need to provide advice, staff scrambling to reconstruct events and misinformation leading to wrong decisions.

Other concerns raised by former Justice Debelle included staff failing to keep a written record of conversations or decisions and inaccurate recording of information.

Two other aspects of information management became a focal point of not only the final report but also subsequent actions by government:

• the management of electronic records and particularly email, and
• the need for greater clarity around the sharing of information. 

Returning to the one particular email that caused questions to be asked and ultimately became one of the focal points of the Parliamentary Inquiry; on 1 November 2012, under questioning from the Opposition, the Premier, who had been Minister for Education at the time of the incident, stated that he had not been advised of the incident at the time it occurred.  He reiterated this position at a press conference the following day.

Later that day the Premier received a call from his Chief of Staff, who informed the Premier that despite having looked previously and finding nothing, the email that had been sent to him when he was the Premier’s Chief of Staff in the Education portfolio had been found. 

This email was sent by a DECD employee to the Chief of Staff on 2 December 2010 (the day after the incident) and provided detail of the incident. The Chief of Staff had located the email in a personal folder on his computer. As the Inquiry progressed it became evident that upon receiving the email the Chief of Staff had forwarded it – however the recipients of that “forward” remain unknown.

The Chief of Staff had no recollection of receiving the email, or of later forwarding it on, and was of the belief he had not informed the Premier about it.  The Premier also openly stated he had not received the email. Former Justice Debelle, in his final report, indicates that he believed the evidence of both the Chief of Staff and the Premier in relation to the email and the fact that the Premier was not informed.

A number of matters relating to the management of email became evident through former Justice Debelle’s Inquiry:

This and possibly other emails, which were quite obviously “official records” for the purposes of the State Records Act 1997, were not captured and managed properly.

In line with the SA Government’s Information Security Management Framework, DECD sanitised ICT equipment before it was re-used or sold.  If official records were not already captured within the corporate system then they may be lost through that sanitisation process. Forensic analysis of various pieces of ICT equipment belonging to the Premier and his staff was unable to locate or determine who the email was forwarded to.

Former Justice Debelle’s inquiry also raised a second issue, that of improving information sharing.  As former Justice Debelle correctly pointed out, early intervention and assistance to those in need will be assisted if there are mechanisms or processes in place by which information can be shared between those individuals, agencies and organisations involved.

While mechanisms existed for the sharing of information (Information Sharing Guidelines for Promoting the Safety and Wellbeing of Children, Young People and their Families and the IPPI) former Justice Debelle believed that in the broader context a clearer picture was required. 

Recommendations of the Inquiry

A total of 43 recommendations were tabled by former Justice Debelle, the majority of which were designed to improve DECD’s ability to react, coordinate and effectively respond to allegations and/or cases of sexual abuse.

There were three recommendations that had implications for the management of official records within DECD.

Recommendation 8: It is recommended that when allegations of sexual misconduct are made against any person employed in any capacity at a school, the department will (a) appoint one person to supervise and co-ordinate the Department’s management of the matter until all aspects of that matter have been resolved, and (b) create a central file for that matter in which all documents relating to the matter and a copy of all relevant correspondence including emails are kept for future reference.

Recommendation 9: It is recommended that the department introduce procedures to ensure that information is accurately recorded by departmental officers and correctly stated in all documents created by the department, including ministerial briefings, reports and other internal departmental correspondence including emails.

Recommendation 10: It is recommended that the department introduce systems which ensure that the flow of information within the department occurs in an accurate and timely manner to all relevant officers.

It is clear that improving the management of official records, particularly emails, became a key theme.

During the conduct of the Inquiry the Government amended information privacy principle (IPP) 10 (Disclosure of Personal Information) of the IPPI to include a new sub-clause to allow "the disclosure of information where the agency has reason to suspect unlawful activity has been, is being or may be engaged in, and discloses the personal information as a necessary part of its investigation of the matter or in reporting its concerns to relevant persons or authorities".

With this in mind former Justice Debelle also made three recommendations to improve understanding and clarity around information sharing.

Parliamentary Select Committee

The subsequent Parliamentary Inquiry commenced on 11 September 2013 when a Select Committee of the Legislative Council was appointed to focus on the Independent Education Inquiry.

The Committee’s Terms of Reference were to investigate and report on:

• Any matter arising from the 2012-2013 Independent Education Inquiry also known as the Debelle Inquiry;
• Any matter raised by the Debelle Inquiry related to incident and records management, including compliance with legislation and policy;
• Progress on the implementation of recommendations of the Debelle Inquiry.

The Committee noted that “the Debelle Report described a process in which certain critical emails from DECD to inform the Education Minister and staff did not arrive at their destination, and departmental actions that left parents uninformed on matters that clearly affected their children.  It documented a culture in the department that did not facilitate a quick and effective response to serious incidents that occur on DECD sites.” 

The Committee also noted that “following the release of the Debelle Report, disciplinary action was taken against a number of public servants from DECD.” Amongst a large number of witnesses, which included the SA Government’s Chief Information Officer and staff from the Minister’s Office, the then Director, State Records was asked to provide evidence on Friday 4 October 2013. That evidence included discussion on:

• The status of Ministerial Offices as agencies for the purpose of the State Records Act 1997 and the applicability of standards published by State Records.
• The management, retention and destruction of records, with particular reference to emails and the use of approved disposal schedules.

• The increased volume of electronic documents, with specific reference to emails and the need to invest in systems to manage these records.
• The sanitisation of ICT equipment and relationship to the management of official records.

The Committee produced an interim report in November 2013 and its final report in February 2014, both of which provided insight into the issues it believed had been uncovered through the Debelle Inquiry and the Committee’s findings.

Of importance is that in its final report the Committee stated that it felt “DECD has implemented all of the recommendations that were the responsibility of the education portfolio” arising from the Debelle Report.

The Select Committee made 11 recommendations in all and these were based on the evidence provided and the key findings of the Committee. 

Of relevance to State Records are the following comments made within the final report:

• Lack of compliance with the State Records Act 1997 and relevant guidelines.  Such failure risks exposing citizens and government to legal and other risks.
• Given the dramatic increase in electronic communication, it appears the government has failed to ensure the Act is complied with.

The following recommendation was also of relevance to State Records:

• Recommendation: The terms of reference for the review of the State Records Act are too narrowly focussed and should be updated.

Government’s response

In response to Recommendations 9 and 10 of the Debelle Report DECD concluded that a number of projects be initiated, which would run parallel to and complement one another.  The aim was to enhance DECD’s capacity to give full effect to those recommendations.

An EDRMS Pre-Implementation Project was approved comprising four components and undertaken by Records & Archive Services:

• Business Process Mapping of State Office business units.
• The development of a Records Disposal Schedule for State Office.
• The development of a Business Classification Scheme dedicated to State Office.
• The development of an agency specific functional thesaurus.

At the time of writing the Business Process Mapping exercise has been completed, the Business Classification Scheme is ready for DECD Senior Executive Group endorsement and the disposal schedule for DECD State Office has been submitted to State Records Council for consideration at its meeting in October 2014.

The outcomes of the EDRMS Pre-Implementation Project provide the foundation for a broader EDRMS Project. A project team has been established to deliver the EDRMS Project and in June 2014 a contract between DECD and Objective Corporation was signed by both parties for the delivery of an EDRMS solution in DECD State Office.

In addition, an ongoing records management training program has been established, delivering to over 2000 DECD employees across sites since June 2013. DECD’s response has been thorough and has led to positive change across the department.

State Records also undertook a number of initiatives in the wake of the Debelle Report. State Records met with representatives of both the Minister’s Office and DECD to consider further their records management practices and provided specific advice to both agencies. This included consideration and review of policies and procedures as well as work practices.

Specific advice was also provided to Ministerial Offices concerning the management of email and the importance of capturing official records within records management systems and to not rely on ‘back-ups’ as a form of archiving.  This advice supplemented State Records’ existing guideline on the management of email as an official record.

Further work with Ministerial Offices has led to the development of a Ministerial Handbook relating to records management.  Once completed this document will provide a single reference point for Ministerial staff wishing to establish and maintain a records management program.

State Records also considered the policies and procedures of the OCIO (particularly the Information Security Management Framework) and DECD that established how certain aspects of the department operated, with particular reference to the sanitisation of ICT equipment prior to it being salvaged or re-used.

Following the publication of the Debelle Report,  a range of further changes were made to the IPPI on 5 August 2013 to implement Recommendation 33 of the Inquiry and to further improve information sharing by public sector agencies

The Privacy Committee of SA also released two papers of relevance since the Inquiry:

• Amendments to the Information Privacy Principles Instruction
• Information Privacy Principles and Child Protection Guideline

State Records is progressing the development of information privacy legislation for SA and, while not directly linked to this matter, the Inquiry did note that there was a lack of effective mechanisms to ensure agency compliance with the IPPI and that this may contribute to agency apathy in implementing the IPPI.  In addition, the lack of awareness and understanding of the IPPI represents a barrier to appropriate information exchange. 

State Records is hopeful that replacing the IPPI with a legislative regime will address these issues. 

Legislative Review

Finally, the Review of South Australia’s State Records Act 1997 has only recently concluded. Aware of the growing problem of retaining and storing official records and, in particular, electronic records, and spurred by events concerning missing records, in September 2013, the Attorney-General, in his capacity as the Minister responsible for the State Records Act 1997, appointed Mr Alan Moss, a Retired Judge of the District Court, to conduct a review of the operation of the State Records Act 1997.

The Review considered the extent to which the current legislative framework effectively achieves the objects of the Act with particular consideration being given to electronic records.

The Review published its terms of reference on the Government’s YourSAy website on 25 November 2013 and invited submissions from interested parties.  Submissions were accepted up to the end of January 2014.

 In December 2013 Mr Moss held a consultation session with key stakeholders from the records management and archives community. 52 submissions were received by the Review outlining a wide range of issues with the Act and its operation. 

Some of the more significant issues that emerged included:

• Need for clear provisions in the Act with respect to electronic records.
• Inability of the Act to ensure agency compliance with adequate records management.
• Complexity, timeliness and cost of the process for disposal.

Replacement of paper based records with digital copies, allowing for the reduction of paper stores and associated costs of temporary storage.

Lack of a central digital archive for the SA public sector.

• Need for a default open access period under the Act.
• Lack of investment in technical expertise and infrastructure within State Records.
• General lack of expertise and professionalism in records management in public sector agencies.

Following consideration of the submissions Moss developed a final report containing 12 recommendations relating to all aspects of the current legislation including the functions and responsibilities established under the Act. It is important to note at this stage that the report has only recently been finalised and consideration will need to be given by government as to how it responds. State Records will play a key role in that process and the implementation of recommendations.

The report notes that records management appears to be a low-priority for many agencies.  It is hoped the recommendations address that.

The report and the recommendations represent a significant change to the current order. There are key themes that run through the whole report including:

• The need to improve performance generally in the management of official records.
• Stronger leadership and changes to the role of the State Records Council.
• Strengthening the powers of the Director, State Records.

As government considers the report and its recommendations it is clear that the integrity of State Records and its ability to lead change across government will become an increasingly important aspect.

Conclusion

At the core of this is a very tragic human story and we should never lose sight of the fact that it has taken something of this magnitude to affect change. Government has a responsibility to its citizens and particularly to those in society who are, for whatever reason, vulnerable.  This responsibility goes beyond providing services to support and enhance their lives; it gets to the very root of what a decent and moral society and government should be.

Whilst to many the management of a government’s official records is a mundane administrative burden, cases like this highlight its importance.

Alan Moss in his Final Report opens by saying that “the adequate keeping and maintaining of records is an important function of a civilised society.  Records document our history and social development and inform our customs, laws, politics, morality and social norms”.  He goes on to say that “the loss of official records can also adversely affect an individual’s rights and remedies” and here he draws upon the State’s 2004 Inquiry into Children in State Care where “the Inquiry documented the significant harm that had arisen from the destruction of a large amount of vital evidentiary records of children in state care”.

I am hopeful that this may be the start of change, that the review of the Act, that came in some ways from this episode, leads to a stronger framework and deeper understanding of the need to manage official records. 

It also raises the bar for State Records and its role in affecting change across government as well as the need for a central body to be responsible for directing government’s management of this vital asset.

Simon Froude is Acting Director, State Records of South Australia, Department of the Premier and Cabinet, Government of South Australia. The complete version of this article was originally presented at the Records and Information Management Professionals Australasia inForum 2014 conference, Adelaide, September 2014.