Records Retention and Disposal Policy
Contents
- 1. Introduction
- 2. Scope
- 3. Retention of Records
- 4. Retention Requirements for Personal Data
- 5. Disposal of Records
- 6. Records for Permanent Preservation
- 7. Duplicate Records
- 8. Other Relevant Policies
- 9. Monitoring and Reviewing
- 10. Useful contacts
Corporate Records Retention and Disposal Policy
Department responsible: Corporate Information Governance – Records Management Officer
Document release: July 2023
1. Introduction
1.1 In accordance with the Code of Practice on the Management of Records Bradford Council has implemented a Records Retention and Disposal Policy and an associated Records Retention Schedule;
- The Data Protection Act 2018; Article 5(1)(e) states that personal data must not be kept for any longer than is necessary for the purpose for which it is
processed. - The Freedom of Information Act 2000; The Code of Practice issued under Section 46 of the Act sets out rules on how records and information should be managed, including responsibilities to implement records retention and disposal schedules.
- The Local Government Act 2000; Section 22 requires that written records are kept of decisions made and that these may be made available to the public.
This policy sets out the functions, activities and transactions which either generate, or which necessitate, the keeping of records, along with the associated retention schedule which stipulates the time periods for which those records need to be retained and their recommended disposal.
1.2 Documents will not be retained beyond the required retention period unless an identified exception has been identified. Bradford Council’s retention schedule also lists, where applicable, details of any legislation, regulation, guidelines or codes of practice which impact on the creation or disposition of each type of record.
1.3 Bradford Council is committed to managing records in a way that protects the rights of the Council as well as its employees and citizens. In doing so Bradford Council will:
- Identify the records it needs to retain - and those it does not.
- Define how long information is kept to meet the legal, financial and other requirements of public administration.
- Apply those rules systematically to its records and information.
- Confirm how information will be stored at different stages of its life-cycle and how it will be destroyed at the end of its life.
- Provide evidence that records have been disposed of consistently in case of challenge.
2. Scope
2.1 This policy is relevant to all records held by Bradford Council and applies to everyone who has access to the council’s information, records or assets. This may include, but is not limited to, employees of the council, members of the council, temporary workers, partners and contractual third parties.
2.2 This policy covers not only personal data but all records in physical, electronic and all other formats as listed in the Records Management Policy.
2.3 This policy does not cover documents that are not council records, for example non-work related emails, stationery or reference material.
3. Retention of Records
3.1 All council records will be retained and disposed of in accordance with clear rules agreed between relevant service areas, the Records Management Officer and Legal Services. Rules stating how long records will be kept for (retention periods), and the manner of disposal at the end of these retention periods, are outlined in Bradford Council’s retention and disposal schedules.
3.2 Retention periods will be assigned to existing records retrospectively (as far as possible) and to all newly created records.
3.3 The length of the retention period will depend on the type of record, its value to the council and any legislation or standards that may apply. Where possible, disposal, review or transfer dates will be recorded on, or within the record or collection of records.
3.4 All Departments / Services will follow the council’s guidance for setting retention periods, to ensure that records are kept for long enough to provide a reasonable level of historical information, which may be required for future reference purposes. Similar records across the organisation will be held for the same length of time.
3.5 In some cases, such as audit, investigation, legal enquiry or for some other reason, it may be judged necessary or prudent to grant an exception to the retention and disposal requirements outlined in this document; this may entail retaining documents for longer than the specified retention period. If so, destruction should be delayed until the litigation is complete or, in the case of a request for information, all relevant complaint and appeal provisions have been exhausted. The ability to enact an exemption is a requirement under the Freedom of Information Act and should be done so only with the approval of the Corporate Information Governance team.
3.6. Documents that are not council records (See 2.3) will be disposed of once their usefulness has passed.
4. Retention Requirements for Personal Data
4.1 UK GDPR Article 5(1)(e) regarding storage limitation specifies that personal data shall be kept for no longer than is necessary for the purposes for which the personal data are processed. Personal data may be stored for longer periods insofar as it will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) of UK GDPR.
4.2 Personal data must be periodically reviewed in accordance with Bradford Council’s retention schedule and if no longer needed it should be deleted or anonymised as appropriate. Anonymised data is not subject to UK GDPR or the Data Protection Act 2018.
4.3 Bradford Council’s lawful basis for processing personal data is set out in its Privacy Notice.
5. Disposal of Records
5.1 Records will be disposed of appropriately and securely once their retention period has expired. Records should not be retained beyond disposal dates, and therefore services must consider the practicality of disposing of records in accordance with the relevant date.
5.2 Retention rules also cover ‘archived’ data or data held on backup systems which are the responsibility of Information Technology services.
5.3 Where records are destroyed a record will be kept, containing sufficient information showing when the record was destroyed, who by and the reason why. Disposal records will demonstrate that the disposal was in accordance with this policy or a written record will be made justifying the reasons for departure from this policy.
5.4 If a record due for destruction is known to be the subject of a request for information under the Data Protection Act (2018) or Freedom of Information Act (2000), destruction will be delayed until disclosure has taken place or, if the council has decided not to disclose the information, until the complaint or appeal provisions of the relevant legislation have been exhausted.
6. Records for Permanent Preservation
6.1 Records that require permanent preservation will be retained by the council for as long as required to support business processes, and should have an agreed transfer date. When the transfer date is reached, the records will be physically, or electronically, transferred to the West Yorkshire Archive Service.
6.2 Such records will be retained by West Yorkshire Archive Service indefinitely, and not by any other external storage provider. Advice on records that may need to be transferred for indefinite retention can be gained from the West Yorkshire Archive Services.
7. Duplicate Records
7.1 The creation of duplicate records will be kept to a minimum, for example when copies of meeting papers are printed, these copies will be disposed of as soon as they are no longer needed for reference.
7.2 Where duplication is necessary, then a decision will be taken as to which copy is the ‘master’ record, and retention rules will reflect this decision and all other copies destroyed. If one copy is destroyed but others still exist, then the council still holds the information, and this could increase the risk of a breach of the Data Protection Act 2018, or lead to a failure to comply with a request under the Freedom of Information Act 2000.
7.3. Where the decision is taken that an electronic copy is the ‘master’ copy of a record, then consideration must be given to any potential legal admissibility issues that may arise.
8. Other Relevant Policies
8.1 This Policy should be read in conjunction with the following supporting documentation as a minimum:
- Records Management Policy
- Freedom of Information Policy
- Data Protection Policy
- Information Security Policy
- Bradford Council Records Retention Schedule
9. Monitoring and Reviewing
9.1 The Records Management Officer will undertake monitoring of compliance on an on-going basis.
9.2 The review of this policy will be undertaken by the Records Management Officer in consultation with the Information Assurance Group, Information Asset Owners and
any appropriate service representatives.
9.3 This policy will be reviewed as it is deemed appropriate, but no less frequently than every two years or where there are changes to legislation.
9.4 Arrangements will be made within individual services for regular reviews of retention schedules to ensure records management compliance with this policy. The Records Management Officer will monitor the frequency of individual reviews.
10. Useful contacts
10.1 Records Management Officer via RMO@bradford.gov.uk
10.2 Corporate Information Governance team via foi@bradford.gov.uk
10.3 Data Protection Officer via DPO@bradford.gov.uk
10.4 Information Commissioner’s Office via www.ico.org.uk