Records Management Plan - Principles and Policies

Records Management Plan – Principles and Policies

WORKING DRAFT

Scope of ‘Records Management’

‘Records’ should be understood to include information in any format that is under the control of the Empty Homes Network (EHN). It is understood in its wider rather than its narrower sense, as discussed in the National Archives Guide 1 – What is Records Management?

This series of guides … uses the term ‘records’ because that is the term used in section 46 of the FOIA, under which the Code was issued. If information has been created or received in connection with your organisation’s work and is maintained as evidence and information by your organisation then it is likely to fall within the definition of ‘records’ quoted above, regardless of whether it is personal information, financial information or any other type of information.[1]

Principles

  1. Named individual(s) should be responsible for the implementation of the Record Management Plan.
  2. The amount of information actively collected by EHN, and in particular personal information, should be the minimum needed for effective operations.
  3. Data security of any personal data should assigned top priority in relevant policies and procedures.
  4. EHN should ensure it complies with all statutory requirements in respect of information it collects and retains, giving particular regard to the General Data Processing Regulations and the UK Data Protection Act 2018.
  5. Records management policies should translate easily into effective procedures, particularly taking into account the limited resources available to EHN.
  6. EHN constitutes an unusual initiative across more than one field of abiding public, historical and sociological interest (in particular the re-use of empty property for housing purposes, communities of practice specifically amongst public servants) and non-trivial parts of its information base should be preserved as a matter of course for historical or other research purposes.
  7. The costs associated with data cleansing to remove information  no longer needing to be retained should be balanced against any benefits accruing from that data cleansing.
  8. Duplication of information shall be avoided except insofar as it is desirable for the purposes of backup and resilience.
  9. EHN should practice transparency as regards its Records Management Plan.

Policies

Accountability and transparency

  1. Responsibility for EHN records management shall be out-sourced (as with other key administrative and strategic tasks) to a Support Provider. The Service Level Agreement covering the out-sourcing shall adequately cover EHN’s record management needs, with clear reference to complying with and implementing this Records Management Plan.
  2. An Officer (other than the Support Provider) shall be designated to monitor the Support Provider’s performance against the Records Management Plan.
  3. The Records Management Plan shall be a public document and shall be referenced in EHN’s Privacy Notice(s).

Planning, organisation and documentation

  1. A register of the key repositories and types of records held by EHN shall be maintained. Inter alia, the registry shall identify the nature of any personal information included in the records.
  2. A register of physical data storage repositories shall be maintained.
  3. The registers shall incorporate Records Retention Policies that shall identify
    1. such records as should definitely be retained permanently.
    2. such records as shall be retained for specified periods  of time only before being destroyed;
  4. Historic shortcomings in Records Management shall be addressed through a Records Management Improvement Plan.

Records retention

  1. Records held by EHN shall be identified as being either for current business purposes or for archival purposes. The storage strategy adopted by EHN shall be structured so as to reflect this distinction.
  2. In principle, any records held by EHN may be retained for archival purposes, subject to the following:
    1. duplicate or redundant data sets should never be archived
    2. no archived data should be stored online
  3. By default, any records not listed for retention in the Records Management Registers shall be deleted at the earliest opportunity.
  4. Outside of the foregoing policies, data cleansing shall only be carried out where the benefits to EHN can be demonstrated to outweigh the costs, as shall be determined by the Support Provider responsible for the data cleansing, all to be balanced against the rights of data subjects.
  5. Whilst 6 years is regarded as the normal period for retention of financial records, in practice this translates to up to eight years, taking into account the delay before accounts and tax returns might be completed and then challenged by hmrc. 8 years is thus the default retention period for such records.

Sensitive data

  1. Emails, in particular, but also Event booking forms may contain ‘special category’ data, such as information about health or religious affiliation.  Any such data should be flagged or categorised as such and stored separately.

Security aspects

  1. Manual files (which contain minimal personal data) shall be adequately labelled, stored at the Support Provider’s place of business and protected by normal domestic-level security arrangements.
  2. All digital storage devices shall be encrypted using Windows Bitlocker.
  3. As regards historic digital storage devices:
    1. File shredder software shall be used to definitively destroy any records and clean any free space[2] on redundant storage devices (eg after being replaced with new hardware); or
    2. Redundant storage devices shall be donated to the charity weeecharity (or the like) and a certificate of data destruction obtained.
  4. As of May 2018, EHN data on external storage devices shall only be stored on encrypted devices that are used exclusively for EHN data.
  5. Strong administrative passwords shall be used to protect any data repository, whether a physical device or cloud-based.
  6. Passwords for any of the main data repositories shall not be written down by the Support Provider.
  7. Suitable arrangements shall be made to ensure passwords are available, in a secure manner, to no more than two individuals to
For further details about individual data files and repositories and retention periods refer to the EHN Records Management Registers.

[2] ‘Free space’ on a hard disk may have been used previously and, if not 'shredded', may contain historic data which can be recovered by an expert laboratory.