Records Management Registers

Introduction

These details should be read in conjunction with the Empty Homes Network's Privacy Notice and our Records Management Plan - Principles and Policies.

Register of Physical devices

| ID | Device | Current status | Comments |
|---|---|---|---|
| 01 | Dell Latitude D620 laptop | recycled via weeeitcharity.co.uk May 2018 | In use August 2006 - April 2014 |
| 02 | Iomega 320MB powered external hard drive | recycled via weeeitcharity.co.uk May 2018 | In use as backup device c.2006-2008 |
| 03 | ?? 500MB USB powered hard drive | recycled via weeeitcharity.co.uk May 2018 | In use as backup device c.2008-2012 |
| 04 | Western Digital 1TB powered external hard drive | recycled via weeeitcharity.co.uk May 2018 | In use as backup device c.2009-May 2014 |
| 05 | Integral 8GB USB memory stick | retired from EHN use: all EHN and unused space erased May 2018* | Used as portable device at conferences |
| 06 | WD mypassport USB 3 1TB hard drive (red) | retired from EHN use: all EHN and unused space erased May 2018* | In use as backup device April 2014-May 2018 |
| 07 | WD mypassport USB 3 1TB hard drive (grey) | retired from EHN use: all EHN and unused space erased May 2018* | In use as offsite backup device May 2014-May 2018 |
| 08 | Dell Latitude E7440 laptop | in use: hard drive protected with Bitlocker | In use from April 2014 |
| 09 | 2 x Toshiba USB 3.0 usb 32GB memory stick | in use: protected with Bitlocker | used from May 2018 as backup devices |

*Files and free space were erased using Eraser 6.2 software. Free space must be erased as well because it may have been used previously and still contain readable data: such space may only be flagged as ‘free’ in the storage index, and data experts could still recover the data.

Register of Manual Files

| File | Contains personal data? | Retention policy |
|---|---|---|
| Bank statements | Name and address of Treasurer | Destroy documents after 8 years |
| Sales Invoices | Name of lead member, or name of conference attender(s) | Destroy documents after 8 years |
| Purchase invoices, incl. expense claims | Names of sales staff at supplier / persons claiming expenses | Destroy documents after 8 years |
| Executive meeting papers | Names of Executive Members | Retain permanently if no digital copy. Otherwise destroy documents after 7 years |
| Other Executive papers | Possible names of Executive Members or others | Retain permanently if no digital copy. Otherwise destroy after 8 years. |
| Miscellaneous[1] | Miscellaneous persons in official capacities | Retain permanently if no digital copy. Otherwise destroy after 8 years. |
| Remittance Advices | Possible names of admin staff | Destroy documents after 8 years |
| Purchase Orders | Names of admin staff, authorising staff and/or EHN members | Destroy documents after 8 years |

Types of digital data – review

Introduction

This review is concerned specifically with digital data that does - or might - contain personal information and where data privacy must therefore be secured.

Accounting records

Accounting records are currently held in Excel workbooks. In addition to minimal member details (typically just a name), financial records may include similar minimal details for administrative or supervisory staff with whom we have business-to-business dealings.

Historic accounting records were held in Sage Instant Accounting through to 2008-09. The relevant data files have since all been erased.

Other financial data and correspondence

These include supplier forms requested by suppliers and completed by EHN, soft copies of sales invoices, purchase invoices and travel claims. Again, minimal personal data may be held on such forms (e.g. ‘return to:’ or the name of a senior officer). Such files may be in any normal office format – Excel, PDF, MS Word.

Membership lists and records

Membership records are held in EHN’s website Content Management System, and in any backups thereof. See our Privacy Notice for details of the data collected from our Members and Subscribers.

Membership lists are also downloaded as necessary from the website as csv or Microsoft Excel files, usually to permit analysis of the membership or for mail-merging.

Note that passwords are encrypted, are not made visible on the website even to administrators and are not included in any format in downloaded membership lists.

Material posted by members

This includes all forum posts, news stories, blog posts etc published by or on behalf of our members. These typically identify the name of the member and may include details of their opinions, problems or work situations.

Nearly all material posted by our members is openly available to casual visitors on our website and is thus considered to be published into the public domain and therefore not subject to data privacy considerations.

Event booking forms

Event bookings are nearly always received in digital format, as Word or PDF files or as scanned images: they contain details of attendees, supervisors and admin staff. Importantly they may contain sensitive (special category) data such as dietary requirements or religious affiliation.

Event booking files and delegate lists

Booking files are MS Excel workbooks that organise the data on booking forms in a structured format, storing personal data relating to those attending.  Delegate lists, incorporating only name, job title and employing organisation, are held in the same workbooks but may eventually be transferred to MS Word or PDF format for publication. Booking files also store speaker details.

Event brochures

Event brochures contain personal details of speakers including brief biographies. As published documents made available online and distributed by other channels, they are considered to be in the public domain and data protection considerations are not considered to apply to them.

Awards submissions

Awards submissions, received as Word documents or PDF files, may contain opinion about individuals and details of their work history and achievements; they may also include contact details of the person submitting the award. In principle all awards submissions are accepted on the basis that they may be published, but submissions that do not succeed are not published. Where winning submissions are published on the EHN website they are in the public domain and data protection safeguards are considered not to apply, but not all the personal information in the submission might be published.

Photos

Photos of speakers and audience are taken at events and, being of living individuals, constitute personal data. On broad definitions, photos reveal the ethnicity of the subject. Thus, they might be considered to contain 'special category' data. Similarly, some photos may reveal the health issues of the subject - for example, evidence of a disability or a recent injury.

The implications of the foregoing are not yet clear from guidance issued by statutory agencies.

A further specific policy around photos will be developed.

Presentations

Presentations given at events typically contain details of the author/presenter.

Executive papers

These include minutes, reports, voting records and occasionally correspondence. The names, employing organisations and roles within EHN of Executive members and correspondents may be present.

Email correspondence generally

Email correspondence typically includes the details of the sender in the email sender address and/or signature. It may also include comments about personal matters such as health or holidays, opinions, and descriptions of work situations. To ensure compliance with data protection principles, all emails are regarded as personal data although a few may not be (e.g. unsigned emails from generic accounts).

Emails may also include attachments such as those noted above under 'Other financial data and correspondence'.

Any email might contain ‘special category data’ provided casually or for a specific reason, perhaps noting that someone is ill, on maternity leave, has special dietary needs, etc. 

Categories of email correspondence

The following categories of email correspondence have been identified:

  • Correspondence with a non-member acting in a work capacity
  • Correspondence with ex-Subscribers and members of the public
  • Correspondence with Members

Cutting across these categories are:

  • Correspondence relating to a currently active theme, topic or project
  • Correspondence relating to membership and finance, including event bookings
  • Other correspondence

Any of the foregoing might contain ‘special category’ data. Going forwards, special category data will be redacted wherever possible; where that is not possible, the email will be flagged accordingly and placed in special folders.

Emails we receive are initially stored by our webmail provider and are then downloaded to the Support Provider’s PC into MS Outlook files, which become the master repositories.

'Special Category' data

Further information about 'special category data' can be found on the Information Commissioner's Office website. In nearly all circumstances, EHN is able to rely on Article 9(2)(d) of the General Data Protection Regulation for its processing of such data:

(d) processing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation, association or any other not-for-profit body with a political, philosophical, religious or trade union aim and on condition that the processing relates solely to the members or to former members of the body or to persons who have regular contact with it in connection with its purposes and that the personal data are not disclosed outside that body without the consent of the data subjects;

Some special category data could be inferred from names, but without certainty, for example names that might indicate Sikh or Muslim religious affiliation. Until there is clear statutory guidance on this aspect, such data will not be treated as 'special category'.

Register of Digital Datasets

Physical Locations: Key

  • XD: two encrypted memory sticks, one stored off-site and mirroring the other, held by Support Provider
  • PC: the Support Provider’s laptop
  • CMS: internet - EHN’s online Content Management System
  • HO: internet - EHN’s website hosting account
  • DB: internet - Support Provider’s Dropbox account
  • WM: internet - EHN’s webmail accounts

Locations and retention policies

| Dataset | Current data location | Retention policy | Interval / delay yrs | Archive after yrs |
|---|---|---|---|---|
| FINANCE / MEMBERSHIP | | | | |
| Accounting records | PC XD DB | Delete redundant or duplicate datasets e.g. monthly spreadsheets | 3 | - |
| " | PC XD DB | Redact file notes and details of administrative or supervisory staff. Retain permanently | 8 | - |
| Other financial records | PC XD DB | Delete | 8 | - |
| Membership lists | PC XD DB | Create annual masterfile: delete redundant or duplicate datasets | 3 | 8 |
| Membership records (online) | CMS | Delete individual records for inactive members. | 3 | n/a |
| CMS Membership records (backups) | PC XD DB | Delete | 3 | n/a |
| WEBSITE CMS | | | | |
| Material posted by members | CMS | Retain indefinitely | | n/a |
| CMS Material posted by members (backups) | BUP | Delete | 3 | n/a |
| EVENT-RELATED | | | | |
| Event booking forms | PC XD DB | Delete | 8 | n/a |
| Event booking files (Excel) and delegate lists (Word tables) | PC XD DB | Delete all but final booking Excel file shortly after event; redact special category data. | 0.1 | n/a |
| Final event booking file (redacted) | PC XD DB | retain permanently | | 8 |
| Event brochures | PC XD DB | delete drafts; retain final versions | 1 | 3 |
| Awards submissions | PC XD DB | retain permanently | | 3 |
| Photos | PC XD DB | retain permanently | | 3 |
| Presentations | PC XD DB | retain permanently | | 3 |
| GOVERNANCE | | | | |
| Executive papers | PC XD DB | retain permanently | | - |
| EMAILS | | | | |
| > webmail | WM | Delete | 1 | n/a |
| > with special category data | PC XD | Redact special category data on receipt where possible | 0.1 | |
| > relating to membership / finances | PC XD DB | | | 8 |
| > with ex-Subscribers + members of the public | PC XD DB | Delete (excluding financial) | 6 | n/a |
| > current themes, topics, projects | PC XD DB | treat as current data | | n/a |
| > completed themes, topics, projects | PC XD | retain permanently | | 1 |
| > with Members | PC XD DB | retain permanently | | 3 |
| > with non-Members in work capacity | PC XD DB | retain permanently | | 3 |
| > other | PC XD DB | retain permanently | | 3 |
| ARCHIVES | | | | |
| All archive files | PC XD | retain permanently | | n/a |

Records Management Improvement Plan – May 2018

| ID | Description | Status |
|---|---|---|
| 01 | Create Records Register. | Complete, subject to update |
| 02 | Procure ‘file shredder’ software. | Complete |
| 03 | Procure external storage drives exclusively for EHN data backup and encrypt with Windows BitLocker. | Complete |
| 04 | Encrypt all current storage devices with Windows BitLocker. | Complete |
| 05 | Dispose of redundant hardware storage devices securely and so as to ensure EHN data is definitively erased. | Complete – certificate awaited |
| 06 | Erase all EHN data from 2 x WD mypassport back-up hard drives, and Integral USB memory stick. | Complete |
| 07 | Re-organise EHN folder structure to reflect ‘current business’ and ‘archive’ requirements. | Underway. To complete by end of June 2018 |
| 08 | Back up EHN data to new encrypted EHN external storage drives. | Underway. Clear all data and repeat to reflect latest state of work. To complete by end of June 2018 |
| 09 | Finalise arrangements around password sharing and resilience. | To complete by end September 2018 |
| 10 | Delete webmail older than one year from all EHN webmail accounts. | To complete by end September 2018 |
| 11 | Process all emails, organising by year and project / topic area / purpose etc. so as to facilitate compliance with data management policies. | To complete by end September 2018 |
| 12 | Identify and redact or delete emails with special category data. | To complete by end September 2018 |
| 13 | Organise email folders into current and archived. | To complete by end September 2018 |
| 14 | Restructure current finance workbooks to allow easier removal of personal data while retaining financial information. | To complete by end September 2018 |
| 15 | Process finance files so as to achieve compliance with data management policies. | To complete by end September 2018 |
| 16 | Process membership data and files so as to achieve compliance with data management policies. | To complete by end September 2018 |
| 17 | Process event-related files so as to achieve compliance with data management policies. | To complete by end September 2018 |
| 18 | All other housekeeping of data not related to GDPR and personal data. | To complete by end of December 2018 |
| 19 | Review status of all plans and actions against ICO recommendations. | Carry out May 2018, December 2018 |
| 20 | Complete risk register. | To complete by end September 2018 |
| 21 | Update Service Provider Service Level Agreement to ensure delivery of and compliance with Records Management Plan. | Completed (formal Executive approval in hand) |

[1] Miscellaneous includes:

  • bank mandate forms
  • correspondence with politicians or civil servants