GovWire

Your data retention policy should explain how long you need to keep information. It should set out:

• why you are holding this data
• your justification for keeping the data
• the lawful basis for processing and keeping the data
• if you will pass this data on and, if so, if you need to keep it once you have passed it on
• the steps you will take when you destroy any personal data

A good data retention policy includes how long you will keep data items within the different areas of school administration. For example, you may need to keep pupil names in your safeguarding system longer than in your catering system.

When setting a data retention policy, consider:

• why you are holding this data
• if there is a legal duty to keep the information for a set period of time
• whether you will need to share the data and, if so, whether you need to keep it after sharing it
• if it is more appropriate for another organisation such as the local authority to keep the information in the long term
• if you will need the data to meet Ofsteds requirements
• whether you can delete or depersonalise some of the information
• if you have a justification to keep the data

You should carry out an audit of all the personal data you hold each year to check it is up to date and still needed. You must not keep any data longer than is necessary.

As part of your audit, include pupil and staff data in:

• paper records
• databases
• online systems
• videos and photos

Reviewing the personal data you hold will help you to identify what data you need to:

• keep
• destroy
• change from a paper format to an electronic format
• keep for research or litigation purposes

Consider grouping your data items about pupils into these areas:

• admissions
• attainment
• attendance
• behaviour
• exclusions
• personal identifiers, contacts and pupil characteristics
• identity management and authentication
• catering and free school meal management
• trips and activities
• medical information and administration
• safeguarding and special educational needs

Document the decision you make against each data item. Find outhow to create a record of processing activity.

Share the results of your audit with your school leaders, governors and trustees. They are responsible for making sure the school is compliant with the Data Protection Act 2018 and only keeps data it needs.

As data becomes older, there are steps you can take to keep data about pupils for analytical purposes. Before deleting the data completely, remove names and personal identifiers. For example, once the pupil has left your school, you could remove their name and date of birth. This will remove some of the risks around personal data. It will also allow you to use it for long-term analysis of trends.

Another option is to replace the personal information with non-personal identifiers. For example, you could replace the:

• name with a randomID
• date of birth with year of birth
• postcode with locality or town name

For some records, you may only need to keep summary statistics.

When records have reached the end of their retention period, data must be disposed of securely and confidentially. The ICO has guidance on practical methods for destroying records that are no longer needed.

All records containing personal information or sensitive policy information must be made either unreadable or so you cannot reconstruct it.

Your data retention policy must include your procedures for safely destroying personal data. All staff should be aware of these procedures to help prevent any data breaches.

Do not dispose of records with the regular waste or in a skip.

You should:

• shred paper records using a cross-cutting shredder, or get an external company to shred them
• destroy storage media and hard disks to particles no larger than 6mm
• dismantle and shred audio and video tapes

If you use an external company to destroy records, it must:

• shred all records on-site in the presence of an employee
• be able to prove that the records have been destroyed and provide a certificate of destruction
• have trained its staff in the handling of confidential documents

The Freedom of Information Act 2000 requires you to maintain a list of records that have been destroyed and who authorised their destruction. You must have approval from a senior leader for the record to be destroyed.

You must document the destructio

View the original news story