Laws and policies governing records management exist at the university, university system, state, and federal levels and include the following:
University of Maryland Records Schedule: Specifies record types, conditions of retention, and disposition of university records, not including University of Maryland Department of Public Safety.
University of Maryland Department of Public Safety Records Schedule: Specified record types, conditions of retention, and disposition of University of Maryland Department of Public Safety records.
III-6.30(A) - University of Maryland Policy and Procedures on the Disclosure of Student Education Records: Describes how the university intends to comply with requirements of the Federal Family Educational Rights and Privacy Act (FERPA), including how students may obtain access to educational records and how the university will notify students of their rights under FERPA.
VI-1.05(B) - University of Maryland Policy Concerning Name, Sex, Gender, and other Personal Identity Information in University Records: Outlines policy on the use of names, sex and gender identity markers, and honorifics or titles recorded for students, active or retired faculty and staff, and alumni of the university.
VI-5.00(A) - UMCP Guidelines and Procedures Governing the Inspection of Public Records: Describes how the university complies with the Maryland Access to Public Records Act (Annotated Code of Maryland, State Government Article §10-601 et seq.).
VI-22.00(A) - University of Maryland Policy on Institutional Data Management: Defines and establishes policy for the management of institutional data, which relates to administrative functions of units of the university.
VI-23.00(A) - University of Maryland Policy on Data Management Structure and Procedures: Establishes roles, responsibilities, and requirements for data management on campus, including data security and levels of access.
VI-24.00(A) - University of Maryland Policy on Compliance with the Health Insurance Portability and Accountability Act: Describes how the university intends to comply with the Federal Health Insurance Portability and Accountability Act (HIPAA).
VI-25.00(A) - University of Maryland Policy on Gramm-Leach-Bliley Act Information Security Program: Describes university practices to comply with the Federal Trade Commission's Safeguard Rule and the Financial Services Modernization Act of 1999, which requires institutions of higher education to implement administrative, technical, and physical safeguards for certain types of nonpublic personal financial information.
VI-26.00(A) - University of Maryland Policy on the Collection, Use and Protection of ID Numbers: Authorizes the creation of unique identifiers for persons in university transactions, replacing the use of social security numbers.
VIII-1.40(A) - UMCP Policy on the Forms Management Program: Establishes university policy and procedures to maintain a central repository and approval procedure for all forms, as required by the Annotated Code of Maryland, State Government Article, §10-604 through §10-608.
Collection Development Policy Statement for University Archives: Describes the purpose, scope, and practices through which the Libraries build and shape the University Archives, the official repository for the university's permanent records and other materials documenting university history.
III-6.00 - Policy on Academic Transcripts and Financial Aid Records: Establishes requirements for institutional policies on creating and providing access to academic transcripts and financial aid records of enrolled students.
III-6.30 - Policy on Confidentiality and Disclosure of Student Records: Establishes requirements for policies protecting the confidentiality of student education records.
VI-5.00 - Policy on Inspection of Public Records: Requires University System of Maryland institutions to comply with the Maryland Public Information Act.
VI-6.10 - Policy on Records Management: Establishes the need for a Records Management Program at each institution within the University System of Maryland, as well as high-level roles and responsibilities for administering these programs.
VIII-1.40 - Forms Management: Establishes the need for a Forms Management Program at each institution within the University System of Maryland.
VIII-7.20 - Policy on External Audits: Establishes an annual consolidated financial audit of institutions and components of the University System of Maryland.
VIII-11.00 - Policy on University System Travel: Establishes University System of Maryland policies on travel approval, reservations and ticketing, reimbursement, use of vehicles, and travel with spouses. Requires USM institutions to publish clear and concise policy, requirements, and procedures consistent with the System-wide travel policy.
X-1.00 - Policy on USM Institutional Information Technology Policies, Including Functional Compatibility with the State Information Technology Plan: Establishes a framework for creating institutional information technology policies, standards, guidelines, and operating practices compatible with the State of Maryland Information Technology Master Plan.
X-2.00 - Policy on Compliance with USM Policies through Technology: Requires USM institutions to submit any reports, policies, and procedures available on institutional websites to the Chancellor or Chancellor's Office.
Annotated Code of Maryland, State Government Article §10–608 through 10–615:
Code of Maryland Regulations (COMAR) 14.18.02 - Records Retention and Disposition Schedules: Describes the purpose, scope, procedures, form and format, and responsibilities of agencies, custodians, public officials, and employees in carrying out records retention and disposition schedules.
Annotated Code of Maryland, Health-General Article §4–403: Establishes state law for managing medical records.
Annotated Code of Maryland, General Provisions Article, §4-101 et seq.: Maryland Public Information Act, governing access to public records.
Family Educational Rights and Privacy Act: Protects the privacy of student education records.
Health Insurance Portability and Accountability Act: Establishes national standards for electronic health care transactions and code sets, unique health identifiers, and security.