Record keeping and management
How to carry out an audit to check what personal data your school holds. You can use a data retention schedule to document how long you'll keep different types of data for.
The Data Protection Act 2018 and UK GDPR says you should only keep data for as long as you need it. You should check each year what data you hold and if you still need to keep it.
If you identify any information you no longer need, you should dispose of it safely.
It’s important to put in place policies and processes so you can prove and evidence that you’re not keeping data for longer than necessary.
Your data retention policy should explain how long you need to keep information. It should set out:
- why you are holding this data
- your justification for keeping the data
- the lawful basis for processing and keeping the data
- if you will pass this data on and, if so, if you need to keep it once you have passed it on
- the steps you will take when you destroy any personal data
A good data retention policy includes how long you will keep data items within the different areas of school administration. For example, you may need to keep pupil names in your safeguarding system longer than in your catering system.
When setting a data retention policy, consider:
- why you are holding this data
- if there is a legal duty to keep the information for a set period of time
- whether you will need to share the data and, if so, whether you need to keep it after sharing it
- if it is more appropriate for another organisation such as the local authority to keep the information in the long term
- if you will need the data to meet Ofsted’s requirements
- whether you can delete or depersonalise some of the information
- if you have a justification to keep the data
You should carry out an audit of all the personal data you hold each year to check it is up to date and still needed. You must not keep any data longer than is necessary.
As part of your audit, include pupil and staff data in:
- paper records
- databases
- online systems
- videos and photos
Reviewing the personal data you hold will help you to identify what data you need to:
- keep
- destroy
- change from a paper format to an electronic format
- keep for research or litigation purposes
Consider grouping your data items about pupils into these areas:
- admissions
- attainment
- attendance
- behaviour
- exclusions
- personal identifiers, contacts and pupil characteristics
- identity management and authentication
- catering and free school meal management
- trips and activities
- medical information and administration
- safeguarding and special educational needs
Document the decision you make against each data item. Find out how to create a record of processing activity.
Share the results of your audit with your school leaders, governors and trustees. They are responsible for making sure the school is compliant with the Data Protection Act 2018 and only keeps data it needs.
As data becomes older, there are steps you can take to keep data about pupils for analytical purposes. Before deleting the data completely, remove names and personal identifiers. For example, once the pupil has left your school, you could remove their name and date of birth. This will remove some of the risks around personal data. It will also allow you to use it for long-term analysis of trends.
Another option is to replace the personal information with non-personal identifiers. For example, you could replace the:
- name with a random ID
- date of birth with year of birth
- postcode with locality or town name
For some records, you may only need to keep summary statistics.
When records have reached the end of their retention period, data must be disposed of securely and confidentially. The ICO has guidance on practical methods for destroying records that are no longer needed.
All records containing personal information or sensitive policy information must be made either unreadable or so you cannot reconstruct it.
Your data retention policy must include your procedures for safely destroying personal data. All staff should be aware of these procedures to help prevent any data breaches.
Do not dispose of records with the regular waste or in a skip.
You should:
- shred paper records using a cross-cutting shredder, or get an external company to shred them
- destroy storage media and hard disks to particles no larger than 6mm
- dismantle and shred audio and video tapes
If you use an external company to destroy records, it must:
- shred all records on-site in the presence of an employee
- be able to prove that the records have been destroyed and provide a certificate of destruction
- have trained its staff in the handling of confidential documents
The Freedom of Information Act 2000 requires you to maintain a list of records that have been destroyed and who authorised their destruction. You must have approval from a senior leader for the record to be destroyed.
You must document the destruction. Record a brief description of the data, the number of files and who authorised the destruction. Shred the records as soon as you’ve documented them as having been destroyed.
Further guidance is available on record keeping and retention for academies and academy trusts.
Once you have your list of data item groups, consider creating a data retention schedule. This should state how long you’ll hold certain types of personal data before destroying it.
How long you keep different types of data will depend on whether you’re keeping it for operational needs or to comply with legal requirements.
The following records have statutory retention periods. You should decide how long you need to keep other records, in line with the business need of your school.
Pupil records
| Document type | Retention period | Action at end of retention period | Further information |
|---|---|---|---|
| Primary school pupil records | Until the pupil leaves the school. | Transfer to secondary school or other primary school when the pupil leaves. | See The Education (Pupil Information) (England) Regulations 2005 for details of what to keep in the pupil record. There is guidance on how to transfer information to another school. |
| Secondary school pupil records | Until the pupil’s 25th birthday. | Dispose of records securely. If the pupil leaves to go to another school, transfer the records to that school. There is guidance on what to do if the school closes before the end of the retention period. |
See The Education (Pupil Information) (England) Regulations 2005 for details of what to keep in the education record. Retain as detailed in section 2 of the Limitation Act 1980. |
| Special educational needs and disabilities (SEND), including SEND statements and accessibility plans | Until the pupil’s 30th birthday. | Dispose of records securely, unless the document is subject to a legal hold. If the pupil leaves to go to another school, transfer the records to that school. |
SEND code of practice: 0 to 25 years. Retain as detailed in section 2 of the Limitation Act 1980. |
| Attendance and absence | Until the pupil’s 30th birthday. | Dispose of records securely, unless the document is subject to a legal hold. If the pupil leaves to go to another school, transfer the records to that school. |
SEND code of practice: 0 to 25 years. Retain as detailed in section 2 of the Limitation Act 1980. |
Child protection records
| Document type | Retention period | Action at end of retention period | Further information |
|---|---|---|---|
| Child protection files | Until the child’s 25th birthday. If the file relates to child sexual abuse, retain until the child’s 75th birthday. | Dispose of records securely. Child protection files should be passed on to any new school a child attends. This should be transferred separately from the main pupil file. |
Should be stored in a separate child protection file. Keeping children safe in education sections 66, 67, 121 and 122. The Report of the Independent Inquiry into Child Sexual Abuse (IICSA), recommendation on access to records. |
| Allegations of child protection against a member of staff, including unfounded allegations | Until the staff member’s normal retirement age, or 10 years from the date of the allegation, whichever is later. | Dispose of records securely. |
Keeping children safe in education. Working together to safeguard children. |
Finance records
| Document type | Retention period | Action at end of retention period | Further information |
|---|---|---|---|
| Contracts | 6 years from the last payment on the contract. | Dispose of records securely. | Section 2 of the Limitation Act 1980. |
| Debtor’s records | 6 years from the end of the financial year. | Dispose of records securely. | Section 2 of the Limitation Act 1980. |
| VAT records | 6 years from the end of the financial year. | Dispose of records securely. | May include invoices, budgets, bank statements and annual accounts. Record keeping (VAT Notice 700/21). |
Governance records
| Document type | Retention period | Action at end of retention period | Further information |
|---|---|---|---|
| Admissions | 3 years from the admission date. | Dispose of records securely. | Working together to improve school attendance. |
| Attendance registers | 3 years from the date of entry. | Dispose of records securely. | Regulation 14 of the Education (Pupil Registration) (England) Regulations 2006. |
| Annual governors report | 10 years. | Dispose of records securely. |
The Education (Governors’ Annual Reports) (England) (Amendment) Regulations 2002. Retain as detailed in section 2 of the Limitation Act 1980. |
| Curricular record | At least one year. | Dispose of records securely. |
The Education (School Records) Regulations 1989. Regulation 3 of the Education (Pupil Information) (England) Regulations 2005. |
| Directors – disqualification | 15 years from the date of disqualification. | Dispose of records securely. | The Education (Company Directors Disqualification Act 1986: Amendments to Disqualification Provisions) (England) Regulations 2004 |
| Records of educational visits | 10 years from the date of the visit. If there was an incident on the visit, retain the permission slips for all pupils and the incident report in the pupil record, or until the pupil reaches the age of 25. |
Dispose of records securely. |
Health and safety on educational visits. Retain as detailed in section 2 of the Limitation Act 1980. |
| School vehicles | 6 years from the disposal of the vehicle. | Dispose of records securely. | Section 2 of the Limitation Act 1980. |
| Statutory registers and compliance | Retention periods vary, for example: Memorandums of understanding should be retained for the life of the academy plus 6 years. Annual reports should be retained for 10 years from the date of the report. Board meeting records should be retained for 10 years from the date of the meeting. | Dispose of records securely. | May include annual reports and governance records. Companies Act 2006 contains information on which statutory registers to keep. Compliance guidance in the maintained schools governance guide. Compliance guidance in the academy trust governance guide. Academy trust handbook. |
Health and safety records
| Document type | Retention period | Action at end of retention period | Further information |
|---|---|---|---|
| Accessibility plans | Life of plan plus 6 years. | Dispose of records securely. | Retain as detailed in section 2 of the Limitation Act 1980. |
| Accident records | 3 years from the date of the accident. | Dispose of records securely. | Accidents involving pupils should be retained in the pupil record. Regulation 25 of the Social Security (Claims and Payments) Regulations 1979. |
| Monitoring exposure to substances hazardous to health, including asbestos | 5 years. | Dispose of records securely. | The Control of Substances Hazardous to Health Regulations 2002. |
| Health surveillance records | 40 years. | Dispose of records securely. |
The Control of Substances Hazardous to Health Regulations 2002. Health surveillance - Record keeping. |
| Other health records of staff | While the worker is employed in your school. | Dispose of records securely. |
The Control of Substances Hazardous to Health Regulations 2002. Health surveillance - Record keeping. |
| Fire assessments | Life of the risk assessment plus 6 years. | Dispose of records securely. |
Fire Service Order 2005. Retain as detailed in section 2 of the Limitation Act 1980. |
Property records
| Document type | Retention period | Action at end of retention period | Further information |
|---|---|---|---|
| Maintenance records | 6 years from the end of the financial year. | Dispose of records securely. | Record keeping (VAT Notice 700/21). |
| Title deeds | 12 years from the end of the deed. | Dispose of records securely. | Section 2 of the Limitation Act 1980. |
Staff records
| Document type | Retention period | Action at end of retention period | Further information |
|---|---|---|---|
| Copies of DBS certificates | 6 months from the date of recruitment. | Dispose of records securely. | Keeping children safe in education. |
| Maternity pay records | 3 years after the end of the tax year in which the maternity pay period ends. | Dispose of records securely. | The Statutory Maternity Pay (General) Regulations 1986. |
| Pay records | 3 years from the end of the tax year they relate to. | Dispose of records securely. | PAYE and payroll for employers: Keeping records. |
| Personnel files | 6 years from termination of employment. | Dispose of records securely. | Section 2 of the Limitation Act 1980. |
| Retirement benefits | A minimum of 6 years from the end of the year in which the accounts were signed. | Dispose of records securely. | Regulation 15 of the Retirement Benefits Schemes (Information Powers) Regulations 1995. |