How we manage information
We obtain, create and manage a large amount of information relating to our services, customers and partners. We are committed to both the concepts of transparency and open government, and we recognise the importance of protecting the privacy of your personal information and the security of information we hold. We intend to achieve this by ensuring that we have clear and understandable rules about the information we collect, hold and share.
Our aim is to ensure that we have the right information to allow us to improve and continue to improve customers' service and by managing that information effectively and efficiently, to provide the best value services for customers.
These pages are intended to provide information about how we manage records and information, our policies and standards governing how we obtain, create, keep, share, use and dispose of information, details about how long we keep information. This information is contained within our information governance framework.
Information about how long information is kept, our responsibilities and retention schedules.
- Answer:
Head of information governance
The head of information governance is responsible for:
- formally approving our retention and disposal policy
- the development and maintenance of retention and disposal schedules detailing specific records retention and disposal policies
- authorising divergence from records retention and disposal policy contained in the retention schedules for legitimate reasons
Designated officers and senior managers
Designated officers and senior managers are responsible for:
- assigning responsibilities for records management, retention and disposal
- establishing procedures for the management, retention and disposal of records in all media and formats and the system(s) in which records are held
- ensuring ICT equipment and storage media are disposed of securely ensuring all records, data and information are removed in such a way that it is not recoverable
Business unit managers and team leaders
Business unit managers and team leaders are responsible for ensuring:
- record retention policies are implemented in their unit or team
- record keeping systems and arrangement of records enable identification of records due for disposal
- written procedures are in place for records management, retention and disposal
- records due for disposal are routinely identified and reviewed to ensure they are no longer required
- divergence from records retention and disposal policy is authorised
- the Information Governance Unit is notified of changes affecting records retention and disposal
- staff are aware of policies to retain and dispose of records
- staff dispose of records only in accordance with policies set out in our retention schedules
- records are disposed of appropriately considering their sensitivity, security classification and the media and format(s) in which they are held in line
- ICT equipment and storage media are disposed of securely ensuring all records, data and information are removed in such a way that it is not recoverable
- records of potential historic interest or research value are identified and transferred with agreement to our archive service
- evidence of the disposal process is kept
All staff
All staff are responsible for:
- following procedures and guidance for managing, retaining and disposing of records
- only disposing of records in accordance with records retention and disposal policies contained in our retention schedules (if authorised to do so)
- ensuring that any proposed divergence from records retention and disposal policies is authorised
- Answer:
How long we keep information before it is disposed of varies depending on the type of information, legal requirements and business need. Details are set out in our records retention schedules.
Having a retention and disposal policy and retention and disposal schedules are requirements of the Lord Chancellor's code of practice on the management of records issued under section 46 of the Freedom of Information Act 2000.
Retention and disposal policy
Our records retention and disposal policy sets out requirements and responsibilities for managing records retention and disposal.
We also produce separate guidance for staff about the responsibilities of the policy.
Retention schedules
Our record retention schedules list retention and disposal policies specifying how long records must be kept and details disposal action. They:
- detail retention and disposal policies for records supporting each business function, activity and process
- describe and define business functions, activities and processes that records support
- define the retention trigger/closure procedure event - event triggering the start of the retention period and record closure procedure
- specify the retention period - the period of time records needs to be kept after the retention trigger event has been reached
- specify disposal action - action e.g. destroy or transfer to be carried out following review at the end of the retention period
- identified the authority - legal, regulatory or business reasons that records are created and kept.
This is illustrated in our guide to understanding retention schedules:
- Answer:
We are required by the Lord Chancellor's code of practice on the management of records issued under section 46 of the Freedom of Information Act 2000 to have and to implement a records retention and disposal schedule.
This document sets out details about all the records created and kept by us, or our commissioned partners, in such a way that decisions can be made about identifying and disposing of them on a routine and timely basis.
This retention and disposal schedule has been produced in consultation with departments primarily responsible for the business activities and key stakeholders in the processes to establish the legal and regulatory requirements and business needs on which record retention and disposal polices are based.
Information about our standards and policies, including support and guidance.
- Answer:
We have a framework of policies, standards and guidance governing how its records and information should be managed. The Information Governance Framework is not a single document or policy but a series of documents including:
- legislation and regulations
- standards
- policies and guidance
The information governance framework is designed to provide a toolkit to enable all those working for us to meet legal, regulatory and ethical requirements in terms of information collected, received, used and managed in the services we supply to the people of Staffordshire, and to do so in the most effective way.
Information governance is the responsibility of all staff.
Support and guidance
The information governance framework aims to supply the support and guidance to ensure information is:
- kept securely and confidentially where appropriate
- obtained fairly and lawfully
- kept accurate, authentic and accessible
- retained for as long as it is required
- shared lawfully and appropriately
- Answer:
Our information governance framework identifies key legislation and regulations governing how information is obtained, recorded, held, used and shared. This includes:
Please note: The following links go to the main legislation website.
- Answer:
Policies
Key policies governing how we require our information to be managed include:
Other information management policies include our:
- protective marking scheme
- information sharing protocols
- service level business procedures and record keeping requirements
Guidance
The information governance framework includes guidance and instructions setting out required and recommended practices. It is available to all our staff.
Key guidance includes:
- Answer:
Our information governance framework identifies key external national, international, business sector specific standards and includes internal standards covering how information is obtained, recorded, held, used and shared.
These include:
We also refer to:
- BS ISO 15489-1:2016 Information and documentation - Records management
- BS ISO 23081-1 Information and documentation - Records management processes - Metadata for records
- Our protective marking scheme
- Information sharing protocols
- Service sector specific standards and requirements
- Various standards and guidance produced by the Information Commissioner’s Office and the National Archives
Please note: we are not responsible for the content of externally published information or the availability of links.