Records retention schedule
Our corporate records retention schedule identifies the period for which personal data is retained.
To summarise the legal requirements, Article 5 (e) of the GDPR states that personal data shall be kept for no longer than is necessary for the purposes for which it is being processed.
The schedule indicates how long the data must be kept, the trigger point for retention and whether the records should be reviewed or destroyed at the end of this period, and in certain cases if they should be retained indefinitely or passed to archives.
Why do we need a corporate records retention schedule?
This schedule forms an important part of the council's strategy for maintaining control over its records and information. Why?
- It creates a consistent approach across the authority to records retention.
- It identifies vital records which need to be preserved permanently.
- It provides authority for the destruction of records which do not need to be preserved permanently.
- It ensures that records are neither destroyed prematurely when they are still needed nor retained long beyond their destruction date because of uncertainty about how long they should be kept.
- It helps the authority comply with the Freedom of Information and the General Data Protection Regulation (GDPR) and has a role in supporting open and transparent government.