Retention of records containing personal information
To comply with the ‘storage limitation’ principle set out in Article 5 of the General Data Protection Regulation (GDPR), personal data should not be kept in a form which permits identification of data subjects for longer than is necessary for the purposes for which the personal data are processed. Personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) of the GDPR, subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of the data subject.
In some cases that period is determined by law, but in others it is a matter of best practice, bearing in mind (i) the ‘accuracy’ principle set out in Article 5 of the GDPR, under which there is an obligation for personal information to be accurate and, where necessary, kept up to date, (ii) the ‘integrity and confidentiality’ principle to ensure appropriate security and (iii) the individual’s right of access to their own data.
The College’s retention periods for different categories of records are set out in the College’s Retention Schedule.
For further detailed advice on document retention please contact the College’s Archives and Corporate Records Unit.
Personal data (along with other records of a sensitive nature) in paper form should always be disposed of as confidential waste and placed in confidential waste bins or sacks. For further information about confidential waste disposal at the College, see the confidential waste pages.
Likewise, electronic records (records held in non-paper format) containing personal data should be erased when no longer required. Electronic records can be stored on (for example) desktop computers, laptops, mobile phones, removable data sticks and cloud storage. IT equipment that is out of use or that you plan to pass on to another user must be wiped of all sensitive information before being disposed of or reused. Simply deleting files is not enough as this may not erase them permanently. Where necessary, seek advice from the ICT Service Desk on wiping data from equipment. Contact Estates Facilities for the disposal of redundant IT equipment (such as PCs, hard disk drives, servers and laptops). You are responsible for ensuring data is erased prior to removal.