What is the Core Student Record?
The Core Student Record (CSR) is an entry that has been published in the University’s public-facing Record Retention Schedule (RRS) since November 2020. It sets out specific data relating to the student as a learner that the University retains indefinitely. The CSR is for the most part related to data captured in the Transcript and the Higher Education Achievement Report (HEAR). It is retained so that during a student’s working life the University can provide information on what a student has studied and achieved, and confirm that they attended the University. The CSR also contains certain limited data in relation to a student's non-academic achievements and activities at the University.
The indefinite retention period set out in the Records Retention Schedule for the Core Student Record reflects that the University seeks to provide certain specified information about its students for their lifetime, and then beyond, as part of the University’s institutional memory and history. The establishment of the CSR follows the approach set out in the JISC guidance on Student Records.
It is important to make a distinction between the Core Student Record and student data relating to other aspects of a student's relationship with the University, to ensure that non-academic records are not retained for unnecessarily lengthy periods, consuming storage resources and creating potential breaches of the General Data Protection Regulation – or any successor legislation. Student data held outside the scope of the CSR might, for instance, relate to certain financial or professional regulatory body records, or those relating to how a student has engaged with University services whilst at Warwick – which will be retained for shorter defined periods of time as set out in the RRS.
What is the lawful basis for processing the Core Student Record?
The Core Student Record contains personal data and the lawful basis for processing this data relates to the task undertaken in the public interest to record the outcome of an individual’s learning during their time at the University. This public task is derived from the Charter of the University of Warwick – specifically, clause 3, in relation to the University’s objectives for the advancement of learning and knowledge by teaching and research and the provision of University education; and clause 4 (a-c) in relation to its powers to grant academic degrees, diplomas, certificates and other academic distinctions, including dual and joint awards, honours and distinctions; and if necessary, to revoke awards granted by the University. As such, the ongoing retention of the CSR allows the University to maintain a record that it has performed these duties in respect of its students on an individual basis.
Where should the Core Student Record be stored?
In terms of records management, it is best practice for an institution to establish where the Core Student Record (the one version of the truth) will be maintained and stored. At the time of writing, the CSR at the University is held in SITS. If the Department you work in is in possession of student data outside of SITS (in paper format, or in another digital system, microfiche etc.) you must first check the University guidance on Student Records Systems and Data Retention at Warwick for guidance on how to manage this information. In addition, you must check that the data is held on SITS (if you have access to this system) or contact Student Records to assist with your enquiry.
If the data held within the CSR is contained in SITS, a duplicate record must not be kept unless there are exceptional circumstances, for example to support fitness to practice or other regulatory proceedings.
All student data within the CSR or concerning other aspects of a student’s relationship must be managed in line with the specific entries in the RRS relevant to that data. If student data that you work with is not included as an entry in the RRS please contact the University’s Information and Records Management Advisory Team to help develop a retention period for the data.
Security & Information Management is Everyone's Responsibility
How to get help
Who needs to know this?
This information concerns us all. If you use a Warwick staff card, a Warwick email address, access one of our staff or student record systems or share your Warwick work with colleagues within or beyond the University, you are involved in activities that must be kept secure.