Information Management Policy

Purpose

This information management policy is the foundational policy for the management of diocesan information, which includes records, data, and patrimonial goods. It also establishes the scope and responsibilities for managing the Diocese of Salt Lake City's information to ensure that the Diocese is in compliance with canon, state, and federal laws.

Scope

This Policy applies to all employees, volunteers, vendors and contractors at the Diocesan Curia, parishes and schools.

Ownership of Information

The Diocese of Salt Lake City owns all information created, received, used or maintained by 
employees, volunteers, vendors or contractors during the course of Diocesan business.

The Diocese of Salt Lake City owns all information created, received, used or maintained by 
employees, vendors or contractors stored on vendors or third-party vendors databases during the course of Diocesan business.

Responsibilities

Office of Archives and Records

The 1983 Code of Canon Law dictates that the principal task of the Chancellor or delegate appointed by the Chancellor is to see that the acts of the curia are gathered, arranged and safeguarded in the archives of the Diocesan Curia. With the authority granted by canon law, the Office of Archives and Records will:

1. create policies and procedures for the effective management of information.
2. train staff on policies, procedures and best practices for information management.
3. work with employees and vendors to ensure that records are properly maintained, preserved, secured and disposed in accordance with Diocesan policy.
4. work with employees and vendors to ensure data stored on vendor or third party databases is in compliance with Diocesan data policies and standards.
5. administer and care for the patrimonial goods of the Diocesan Curia.
6. answer questions and requests for information by Diocesan staff, parishes, schools, 
7. institutions, and the general public.

Diocesan Employees

All Diocesan Employees are responsible for the day-to-day management of information they created or received during the course of business and for complying with all Diocesan information policies.

Vendors, Third Party Vendors, and Contractors

All vendors, third party vendors and contractors are responsible for maintaining and managing 
Diocesan owned information they create, receive or store in a database during the course of 
Diocesan business and for complying with all Diocesan information policies.

Appendix Definitions

Data: information that is raw facts; that is, facts that have not yet been processed to reveal 
their meaning to the end user.

Information: both records and data that through analysis, interpretation, and compilation have been given additional value beyond the value of individual facts to help facilitate decision making.

Patrimonial Goods: information that is an artifact, such as sacred objects and artwork, used for divine worship or aesthetics.

Records: information created, received, and maintained by a Diocesan office, department, parish or school as recorded evidence of daily diocesan business.

Third Party Vendors: is an entity, an individual, or a company tasked with providing products and services to consumers on behalf of an organization (Tabitha Njogu. Difference Between Vendor and Third Party. www.differencebetween.net/business/difference-between-vendor-and-third-party accessed November 11, 2020).

Vendors: a person or an entity that provides goods and services to other entities (Tabitha Njogu.  Difference Between Vendor and Third Party. 
www.differencebetween.net/business/difference-between-vendor-and-third-party/, accessed November 11, 2020).