With the constant bombardment of commercial, financial and operational issues that a business has to contend with, surely the length of time you need to keep your paperwork is one of those areas which does not require too much thought.
Whilst this is true for some internal and commercial records (although a bit of best practice in terms of timely document destruction can reduce ongoing storage costs), there is some quite substantial legislation governing document retention which can result in significant fines for businesses who fall foul of the rules.
And it’s not just about the destruction of records, but also how and where you keep them, and who has access to them.
The main piece of legislation affecting virtually all businesses is the Data Protection Act 1998.
This Act provides eight principles of ‘good information handling’, and applies to all records (electronic and hard copy) which name living individuals and contain personal information – e.g., HR files, customer data (particularly if you sell directly to consumers), payroll records, health & safety documents and medical/next of kin information.
The Data Protection Act requires that appropriate measures are taken against unauthorised access to, or alteration, disclosure or destruction of personal data – and this includes both destroying documents too soon and conversely retaining files for too long.
Individuals have a right to expect you to destroy records containing their personal data as soon as you are no longer legally obliged to retain them – and the Data Protection Act enshrines this right in legislative obligation.
Price of non-conformance? A fine of up to £500,000, plus potential criminal prosecution if you show serious disregard for the rules.
In addition to the Data Protection Act, there are also many industry and sector-specific legislation of which businesses must be aware.
One example is the Financial Services Act 2012, which is part of a heavy-duty regulatory machine governing the financial services industry.
Sarbanes-Oxley is another, and applies to UK subsidiaries of certain US companies and requires businesses to retain critical records.
The Freedom of Information Act is a vital piece of legislation for public sector organisations.
In addition to legislative concerns, following best practice guidelines for document retention also ensures that costs incurred in file storage are minimised.
Retaining documents costs £££s – even if they are stored on your own premises.
There is a great fallacy that keeping documents onsite costs nothing – in fact, there is often a large ‘opportunity cost’, which is then compounded when the files being retained have long-since reached their expiry date.
Destroying in a timely manner ensures the best use of your funds, and where your records are stored onsite, the best use of your space.
Download your free copy of FDA’s Guide to Document Retention.