Guidance on the Destruction of Records Containing Confidential Data
This guidance should be read in conjunction with the University’s Records and Data Retention Schedule, Data Protection Policy, Information Security Policy and Records Management Policy.
This guidance is intended for all University staff who need to dispose of records containing personal or sensitive personal data. It is likely to apply to almost all University staff, including anyone undertaking administrative, research or teaching-related work.
The guidance applies to all records, regardless of the medium in which they are held, including e-mail, spreadsheets, databases and paper files.
The Data Protection Act 2018 requires the University to dispose of personal and / or special category data when it is no longer needed in a secure and confidential manner. It is Bangor University’s legal duty to guard such data effectively from the moment it is created, whilst it is being used and when it is finally destroyed.
[a] Personal Data
- Any information relating to an identified, or identifiable natural person (the data subject).
What does this mean in practice?
All staff, students, research subjects, alumni, members of the public etc. where we hold their data – “identified”
Also includes, for example, pseudo anonymous individuals where the University also holds the additional information to identify them - “identifiable”
[b] Special Category Data
Special Categories of Data are:
- racial or ethnic origin;
- political opinions;
- religious or philosophical beliefs;
- trade union membership;
- data concerning health or sex life and sexual orientation;
- genetic data; and
- biometric data where processed to uniquely identify a person.
The University offers records management advice through the Governance and Compliance Office. Please contact Lynette Hunter on ext. 8530 or 3276.
[a] Records Retention Schedule
Although records within each school and / or department should have an identified owner responsible for their management, the individual handling or processing confidential personal or sensitive data is personally responsible for the proper disposal of such data (as stated within the Data Protection Act 2018)
Consult the Records and Data Retention Schedule to check whether the records have expired their retention policy and can therefore be disposed of (also check that there have been no changes to the retention requirements since the records were created).
In the case of records supported by external requirements (such as the requirements of a particular funding council) consider which agencies / stakeholders have a vested interest in the process the record supports. Consider checking with these external stakeholders before disposing of the record if in any doubt.
[b] Secure Disposal
The disposal of any record produced by staff documenting University business and activities, especially confidential records, should only be undertaken where authorised by the owner of the records (this is usually the Head of the Department).
Documentation must be created (or updated) to provide evidence of data destruction and how it was authorised. This can be done using the Schedule of Records Destroyed form.
The destruction of any records (especially those containing confidential data) must be undertaken in a confidential manner and certificates of destruction requested as proof of destruction to complete the audit trail of the records.
A schedule of records to be destroyed must be annotated when records are to be destroyed and the date and authority (signature) for the action noted. Identify all the records due for destruction and place them within a schedule.
[c] Paper records
Paper records containing personal and / or sensitive personal data must be confidentially shredded so that no data falls into the wrong hands. The University’s confidential waste disposal service is provided by Shred It who are an accredited contractor.
[d] Electronic Records
Electronic records are often routinely deleted by members of staff as part of their normal day to day use of their computer. This normally involves the file being deleted from the computer and placed in a “recycle bin”, (some e-mail programs store deleted items in a “deleted items” folder).
Staff should ensure that they empty both the “recycle bin” and the “deleted items” folder periodically. Some email programs will allow the user to set up the deleted folder to empty automatically when the email program is closed down. Contact the IT Services Helpdesk (firstname.lastname@example.org or extension 8111) for assistance with this.
It should be remembered however that even if a file or e-mail is deleted, it remains on the disk in a hidden form, and, for information held on servers or shared drives, it will be kept on the University’s back up tape for a specified period.
Staff should be aware that many e-mail programs automatically store copies of sent messages. If any Electronic Records are sent in or attached to e-mails, staff should consider whether these sent messages should be retained and for how long.
It is also important to ensure that when a computer or hard drive is being re-purposed, sold or disposed of, this action should be in accordance with the “Policy for the Re-use and Disposal of Computers, other IT Equipment and Data Storage Media”. This Policy demands that data be fully erased before sale/transfer or during disposal.
Further guidance on deleting your data from computers, laptops and other devices can also be found on the Information Commissioner's web pages