NOT PROTECTIVELY MARKED FORCE PROCEDURES. Retention, Archiving and Destruction Procedure v1.2. Records Manager

Transcription

1 FORCE PROCEDURES Retention, Archiving and Destruction Procedure v1.2 Procedure Reference Number: Procedure Author: Samantha Hampson, Records Manager Procedure Review Date: 1 st April 2011 At the time of ratifying this procedure, the author is satisfied that this document complied with relevant legislation and Force requirements. Sign and date (Author(s)) Version 1.2 Not Protectively Marked 1

2 Procedure Index ELECTRONIC NAVIGATION: - move the cursor over the page number in the index or blue underlined text until a hand appears. Click the left mouse button once and it will jump to the specified part of the document. 1. Responsibilities Guidance Procedure Aim Appeals Review... 5 Version 1.2 Not Protectively Marked 2

3 1. Responsibilities 1.1 Overall responsibility for this procedure lies with the Force Records Manager. 1.2 Overall responsibility for the content of s lies with each individual. Refer to the Acceptable Use Policy within the Force Information Security Policy and the Usage Procedure for further clarification. 2. Guidance 2.1 This procedure runs from 1 st April The retention periods outlined in this procedure will be reviewed regularly, at least every 12 months. This will allow for management information to be extracted from the technical product to enable the force to analyse the information staff are accessing and make more informed business decisions regarding retention periods. 2.3 If an or an attachment within an is no longer required by the user it should be deleted manually as normal. However, the user must be aware that this and/or attachment will be held within a central archive server for a period of 12 months from date of receipt or creation. 2.4 The header will remain in the mailbox for 12 months from date of receipt or creation, allowing access to the from Lotus Notes. After the first 12 months the and attachment will be deleted, unless manually moved to a longer-term archive folder (see 3.11). s retained for more than 12 months will only be viewable in a separate search tool. 2.5 This will ensure the force complies with the Data Protection Act 1998, the Freedom of Information Act 2000 and the Limitation Act Any documents that are stored within the stationery and draft folders of a mailbox will not be removed to archive or destroyed. 2.7 The live system will be backed up on a daily basis for disaster recovery purposes only and not accidental deletion, and will use a 30 day backup cycle. Accidentally deleted s can be retrieved from the archive system up to 12 months from the date of receipt. 2.8 All s sent or received by members of staff will immediately have a copy stored on the central management server to help ensure compliance with the above Acts. A complete audit trail will be available showing when an is sent or received. This copy will be destroyed after a 12 month period. 2.9 An overview and instructions on the archiving solution will be distributed to all members of staff for reference purposes. Version 1.2 Not Protectively Marked 3

4 2.10 Any created or received on or after 1 st April 2010 will have a retention period of 12 months s created or received prior to the 1 st April 2010 will be held for a maximum period of 7 years in an archive storage facility. The amount of data held will diminish during that period, as s from 2003 (and older) will be deleted during 2010 etc. All of this legacy will be deleted by 1 st April Upon request, selected users, Departments or Sections may be provided with a longer term retention folder, up to a maximum of 7 years e.g. Legal Services. A business case must be submitted to the IT Service Desk requesting this functionality. Each request will be dealt with on a case by case basis s created or received by Cheshire Constabulary on or after 1 st April 2010 will not be kept any longer than the specified 12 month retention period Any data that is needed to be kept for longer than the specified retention periods should be transferred into a relevant operational or non-operational system. 3. Procedure Aim 3.1 is any document stored in a personal or group mailbox on the Cheshire Constabulary Lotus Notes infrastructure, regardless of the equipment it is stored on i.e. server, desktop or laptop computer. The procedure also extends to any attachments and embedded information stored within the s that are sent or received by the Force has become the main textual communications medium between Cheshire Constabulary, partner agencies, other authorities and members of the public. It is important that the force appropriately manages the information in its system to assure records management functions and statutory compliance is adhered to. It is also important that is recognised as a transient system and that it is not designed to operate as a document storage facility. Any attachments to be retained by the Constabulary should be stored on the appropriate Network drive or operational system. 3.3 This procedure excludes all other databases created using Lotus Notes software such as document libraries and databases. Owners of other systems, for example covert webmail, must provide appropriate auditable controls and ensure appropriate disposal of information is carried out in line with legislation. 3.4 Attachments to s require huge amounts of space and multiple copies make their management and use both difficult and expensive. Version 1.2 Not Protectively Marked 4

5 3.5 To avoid expensive storage costs and assist with professional information and records management, staff should not retain any s or attachments without a valid purpose and this procedure outlines the automatic processes that will be put in place to manage this. 3.6 This retention, archiving and destruction procedure has been created to ensure all staff are aware of how based data is managed. 3.7 This procedure should be read in conjunction with: Usage Procedure Records Management Procedure Information Management Strategy Force Information Security Policy (FISP). 4. Appeals 4.1 Persons affected by this procedure have the right to make representations, challenges and/or appeals against the relevant decision(s) through civil litigation or internal management, grievance or police complaint procedures. 4.2 A person who claims that a public authority has acted (or proposes to act) in a way which is unlawful under the Human Rights Act 1998, may bring proceedings against the authority under the Act in the appropriate court or tribunal. Alternatively the person may rely on the Convention right or rights concerned in any legal proceedings, if they are a victim (or would be) of the alleged unlawful act. 5. Review 5.1 This procedure will be reviewed in April 2011 to consider: Any changes in retention periods Its effectiveness in the business area concerned Any changes to legislation Challenges to the procedure Any identified inefficiencies in relation to implementation Impact on diversity and equality Version Date Status Authorised 1.0 Jan 10 Draft for consultation S Hampson /04/10 Amended and Published S Hampson Version 1.2 Not Protectively Marked 5