1.7.2 Retention and Destruction of Records |
RELEVANT CHAPTERS
This chapter should be read in conjunction with the Principles of Recording set out in Values.
AMENDMENT
Section 2, Protecting Other People's Information was added June 2011
Contents
1. Retention of Documentation
| 1.1 | All records, including files, records, photographs, floppy disks and other written or electronic and visual material that originates in connection with social work duties, are the property of the Council. |
| 1.2 | Under no circumstances should the materials referred to above be retained in an employee's possession, whether at home or elsewhere. |
| 1.3 | Staff using computers at home for Council purposes must transfer any material to an office computer by the next working day. Subsequently, all material must be immediately deleted from their personal computer, hard drive or floppy disks. No information should be retained that can identify any client or service user. |
| 1.4 | Staff are not allowed to remove case records from their office, whether this is to work at home or for meetings, except as agreed on a case-by-case basis by the line manager. |
| 1.5 | Any authorisation to remove case records from the office may be cancelled at any time and their return requested at any time, although reasons should always be given. |
| 1.6 | Managers should have systems in place to record any removal of documentation from the workplace and their return, with appropriate signatures and dates. |
| 1.7 | Any breach of these arrangements may lead to disciplinary action being considered. |
2. Protecting Other People's Information
The loss, theft and inappropriate destruction of service users' personal data is now an offence and the Information Commissioner's Office can impose significant fines and publish details.
The Data Protection Act 1998 is designed to safeguard personal data and allow organisations such as the council to collect and process this data for legitimate purposes.
Complying with the Act is part of the employment contract of all council staff and forms part of the Code of Conduct.
All council employees need to ensure that other people's information is protected and kept safe at all times.
If personal information is taken from one location to another we must do so in the safest possible way.
We must ensure equipment is fully password protected and encrypted, and is kept secure at all times.
Files, diaries, notepads or computer equipment must never be left unattended in vehicles or on public transport.
Specific guidance
To ensure personal information is protected:
- Only use fully encrypted and password protected council supplied laptops and USB sticks.
- Lock your computer screens when you are not at your desk (Ctrl+Alt+Delete).
- Lock your print jobs and retrieve the printing as soon as possible.
- Never leave personal information on your desk when you are not there.
- Never leave laptops, notebooks, files, USB sticks, diaries, journals or anything else which contain personal information in a vehicle, whether you consider it secure or not.
- Before you work from home ensure Ealing Council's Home Working Policy has been approved and signed-off by your manager.
- When working from home, ensure your council computer system is electronically secure, password protected and fully encrypted.
- Do not use a personal laptop to carry out any council work.
- Ensure if you work from home the paper files are held in a secure environment and placed in a locked cabinet.
- Ensure if you work from home your computer is locked away (using a security cable if necessary) when not in use.
- Do not allow family members or friends to use your council computer.
- Do not share passwords on post-it labels or any other note that can be lost or stolen.
- Do not share passwords with colleagues, or managers.
- Do not transfer electronic files containing confidential data backwards and forwards between home PCs and work computers.
- Do not transfer service users' personal information to non-secure accounts such as Yahoo or Hotmail.
- If posting personal information ensure it is posted by registered/recorded delivery direct to the recipient only.
- When disposing of personal information only use confidential waste bins, ensure you have checked with your service area and the document you are disposing of is done so in accordance with relevant retention schedules.
- If you communicate electronically, ensure that this information is protected at all times, and you use fully encrypted and password protected secure devices, double-checking the email address you are sending to is correct before you push "send".
- When filing records ensure they are filed in a secure environment, under lock and key in the office, or at home.
- Contact the Corporate Data Protection Officer and your Manager as soon as possible to report lost or stolen personal information.
- When faxing personal information, ensure you have established a fax protocol with the sending/receiving organisation, i.e. the numbers are secure (entered into the device faxing to avoid errors), there is confirmation that recipient has the received the faxed document, and that you phone ahead prior to sending the fax.
Further information
In you have any queries contact Dataprotection@ealing.gov.uk or telephone: 020 8825 8282
3. Destruction of Files
| 3.1 | Records must be retained for the following time scales: Children in care: Adoption Case Records: Private Foster placements: Children subject to Supervision Orders: Children in Need subject to Section 47 Enquiry: Children in Need subject to Initial Assessment only: Children in Need (not subject to Section 47 Enquiry and not in care): Unaccompanied minor, for example an asylum-seeker: Assessment and approval of adoptive parents/foster carers: Files on approved foster carers: Children in receipt of family support services: Children and families in receipt of family assessment: Systems to manage children in need of protection and children in care in summary form, for example the List of Children with a Child Protection Plan and children's homes' registers, must be retained permanently and transferred to the Archivist after their administrative use has ended. Documents relating to the operation of children's homes, for example, diaries, rotas, daily logs: 25 years from closure of file Records relating to staff working with children: 25 years from date when employment ends |
| 3.2 | Managers may decide to retain records for longer than the minimum periods specified above. Where no period for retention is specified, records should usually be retained for one year after the last contact with the family. There is a discretion to specify a longer period where the circumstances warrant this, for example if a person is known to be violent, records may be retained for longer to indicate the potential risk posed by such a person or if litigation is possible. |
| 3.3 | The date for the destruction of a record should be written on its front cover (in the case of a paper file) and entered on the computer system when the case is closed (in the case of electronic records). |
| 3.4 | If a closed case is subsequently re-opened, care must be taken to erase the date for destruction on the paper and electronic record. |
| 3.5 | Whenever there is the possibility of litigation, the records and information likely to be affected should not be amended or destroyed until the threat of litigation has ended. |
| 3.6 | When records identified for destruction are destroyed, a register of such records should be kept with sufficient detail to identify the record and the date destroyed. |
| 3.7 | In all cases, the destruction of paper records should be coordinated with the deletion of any electronic corresponding records. |
End