Last updated:

Email is a record

Public Records are defined by the Public Records Act 1973 to be “any record made or received by a public officer in the course of his duties”. As emails are made or received by public officers as part of the jobs they do in government they are definitely considered to be public records and should be managed according to the requirements of the PROV Standards.

Records can be made up of one or more documents. This is often true of emails which may be made up of an email plus attachments. In this case the record would consist of both the email itself and its attachment(s).

To manage email records effectively, Victorian Government agencies should:

  • Identify and retain emails that are records of official government business and dispose of those that are not
  • Develop policies and procedures, communicate requirements to all agency staff on a regular basis and ensure this is included in induction and training sessions
  • Determine and implement the most effective way for email records to be stored, so that they are accessible and preserved for as long as legally required
  • Determine the most effective approach to migrating email from one system to another in a manner that preserves the integrity of the email as a record
  • Understand the risks around their email and systems


Email categories for retention and disposal

Email created or received by most agencies can generally be divided into three broad categories, each with different retention and disposal requirements.

Type Description Disposal recommendation
Personal email Emails which relate to private or personal matters and have nothing to do with the business of the agency.
Examples of personal email includes email dealing with topics such as:
  • Let’s do lunch
  • Personal/family arrangements
  • Unsolicited information or jokes not related to staff work responsibilities
If an email incorporates personal and work-related information, then the email is a public record.
Personal email can be destroyed as soon as staff no longer require the email.
Ephemeral email Emails which facilitate agency business but do not need to be retained for business purposes.
Examples of this type of email include:
  • Notices of meetings
  • Copies of minutes
  • Copies of reports or newsletters
  • Staff out-of-office notifications or other general notifications of a staff member not being at their desk
  • Advertising material and any other publicly available material
  • Internal work-related email received by “carbon copy” (cc) or “blind carbon copy” (bcc)
Ephemeral emails can be destroyed as part of normal administrative practice (NAP).
Official business email

Emails which form part of the public record and which document the business activities of the agency.
Examples of official business emails include:

  • A communication between staff in which a formal approval is recorded
  • A direction for an important course of action
  • Business correspondence received from outside the agency

Official business email must be retained for as long as is determined by the relevant Retention and Disposal Authorities (RDAs).



Checklist for identifying email category



Policy, procedure and staff support

Agencies should ensure that email is covered in their wider information management and records management policies and procedures to help define:

  • Which emails need to be captured as records
  • Who is responsible for capturing records from email systems and when
  • How emails should be captured in the agency*

*  Note that some of these actions could be performed automatically by a system.

It is also important to provide continuing communications, training and support to staff to ensure emails are being managed properly in the agency.


Storage requirements

Official business email records should be stored in a system that can manage them effectively for as long as needed. This could be an electronic document and records management system (EDRMS), a case management system or another suitable business system.

This will ensure the email records are stored in context with search, access, and disposal functionality as opposed to leaving them in an email system which is designed to store email, not manage them appropriately over time.

Email records of permanent value should be retained as State Archives and transferred to Public Record Office Victoria. See Transferring records to PROV for further information.

Email risk considerations

Email systems create and store electronic records but do not manage them very well.

This is especially true if you have a system where:

  • Emails are bundled into large compressed files without contextual information
  • Emails are not easily accessible due to large volumes and/or inadequate search functionality
  • Low value, temporary emails cannot be disposed of
  • High value emails cannot be identified and captured

It is important to realise that when important  records of official agency business (such as emails which authorise financial decisions or policy changes) are lost or unmanaged, agencies may face increased legal and reputational risks.

Emails which form part of the  official business record should be able to be read by anyone who has sufficient access privileges. That is, authorised staff should be able to read emails which are relevant to their work regardless of which email inbox the email was sent from or to. 

However, many email systems only allow the recipient or the creator of emails to access those messages. This means that some alternative method for providing access to those  emails must be found.

It is important that records not be able to be altered (or that alteration only happen in an authorised fashion), otherwise they may not be considered reliable evidence.

Many email systems allow users to alter their messages after they have been sent or received. In the event of a dispute about the content of a particular email, the ability to prove that the version of the email being advanced as the record is identical to the version that was sent or received is paramount.  Thus, a method must be devised that ensures that emails that are records cannot be altered after dispatch or receipt, or, at least, that any such alterations cannot be made undetectably.

An important component of email (and other records) management is classification. That is, emails should be filed so that they are related to other documents (paper or electronic) on the same subject.

If this is done, it is possible to build up a complete picture over time of events related to a particular subject or client or project. If this is not done and related emails are scattered across the agency, it is very difficult to guarantee that all emails which are relevant have been found.

Another issue to consider is technical obsolescence. It is highly likely that email kept in most email systems will be unreadable in as little as five years time.

This may not be important for some records, which are not required for more than two or three years, but will be very important for some other records, especially those which are deemed to be important records of the state which must be preserved forever.

It is for this reason that PROV developed the Victorian Electronic Records Strategy (VERS) technical solution which includes a list of approved long term preservation formats. For email, the approved format is MIME (.eml). See PROS 19/05 S3 Long Term Sustainable Formats Specification for further information.

A common issue is the belief that email are not public records or that they only need to be kept for seven years or 30 days after offboarding.

As disposal authorisation is based on the function and the activity the email concerns, different email have different retention periods. Some email may need to be retained for more than ten years, and some email may need to be retained permanently. Some email can be disposed of straight away under normal administrative practice.

For more information on disposal, including authorisation mechanisms, please refer to the Disposal Topic Page.

When migrating email from one system to another, the integrity of the email as a record must be maintained. Changing email platforms involves navigating through several major risks to records and information. These include data loss, retaining contextual links, maintaining access to full and accurate records and information, and preventing premature disposal.

Backup solutions need to ensure that emails can be identified and recovered, within agreed timeframes. There have been many cases where older emails have been urgently needed for court cases, royal commissions or audits and the process for recovering them has been extremely time-consuming and expensive. For example, in cases where back-up tapes have not been searchable.

Migration requirements or the nature of the legacy email system may result in loss of records or the integrity of the record due to:

  • Proprietary formats used in the old system not matching requirements for the new system preventing their migration
  • Not being able to tell the difference between business and ephemeral email without user intervention
  • Theoretical logic being used to preserve email chains with users required to check and flag missing email chains
  • Encrypted email requiring user intervention to decrypt them
  • Links within email to records in other systems broken as a result of the migration requiring manual intervention to fix
  • Reliance on user intervention to appraise and classify email

Material in the Public Record Office Victoria archival collection contains words and descriptions that reflect attitudes and government policies at different times which may be insensitive and upsetting

Aboriginal and Torres Strait Islander Peoples should be aware the collection and website may contain images, voices and names of deceased persons.

PROV provides advice to researchers wishing to access, publish or re-use records about Aboriginal Peoples