|Policy name||Data retention, data archiving and data destruction policy|
|Date policy was introduced||1 July 2019|
|This policy has been authorised by (SRO)||Andy Wall|
|Policy owner||Catty Bennett|
|Scope of the policy||This policy applies to all UK Statistics Authority (UKSA) and Office for National Statistics (ONS) employees, including staff on fixed term, temporary or permanent contracts, staff on secondments, students, and contractors|
|Next review date||1 July 2020|
The UK Statistics Authority (UKSA) and its executive office, the Office for National Statistics (ONS), preside over a huge array of data for the purposes of producing aggregate national and official statistics and statistical research, and all our staff will likely come into contact with it in some way.
The data retention, data archiving and data destruction policy sets out clear principles for the management of data throughout their lifecycle. The policy ensures that data owners understand their responsibilities for regular review of data according to the sensitivity of the data or prescribed timeframes from stakeholders, or to ensure compliance with data protection legislation.Back to table of contents
This policy covers all the data that the Office for National Statistics (ONS) holds to undertake its statutory functions. This includes statistical data and any supporting metadata, for example, data obtained through mandatory and compulsory surveys or data obtained from administrative sources in the public or private sectors.
This policy does not include information held by the UK Statistics Authority (UKSA) and the ONS for operational purposes.
This policy applies to all UKSA and ONS employees, including staff on fixed term, temporary or permanent contracts, staff on secondments, students, and contractors.Back to table of contents
The data will be retained by the Office for National Statistics (ONS) for as long as the data are required to enable the production of official statistics and for ongoing research purposes unless there is a prescribed timeframe provided by the data supplier.
Data owners will conduct regular reviews along the data journey to ensure maximum use of the data and compliance with third party supplier memoranda of understanding, contracts and data protection legislation.
Date will be reviewed periodically according to the sensitivity rating applied to the data.
|Data category||Data review period|
|Personal, sensitive (high or medium sensitivity)||Every two years|
|Aggregate, non-identifiable (low sensitivity)||Every five years|
|Metadata||To be held for a further two years after the data source has been destroyed. This will be reviewed on a case-by-case basis.|
Download this table.xls .csv
Following each review, the data owner will decide whether the data shall be retained for continued use within ONS systems, archived for permanent preservation external to the ONS, or securely destroyed.
The data owner will decide, with the KIM Manager, whether the data can and should be formally archived to ensure their continuing availability and functionality. Data that are deemed worthy of permanent preservation shall be deposited at The National Archives (TNA).
Data that are no longer required or cannot be held long term for legislative purposes, or that are not deemed worthy for further preservation, will be destroyed appropriately and in accordance with best practice.Back to table of contents
In summary, our main data retention, data archiving and data disposal principles include:
- data acquired from third parties are retained for no longer than the time period defined by the memorandum of understanding or contract
- personal data are retained in accordance with data protection legislation
- data generated by the ONS are retained where there is an ongoing requirement for access
- regular data and metadata reviews are performed, dependent on the sensitivity of the data, to ensure data are lifecycle-managed
- archiving of data is considered at the point the data are no longer of use by the ONS, to ensure their continued availability and functionality
|Role||Responsible for||Accountable to|
|National Statistician or Statistics Board||Organisational compliance with data protection legislation||Parliament|
|Data Protection Officer||Monitoring compliance and providing advice and guidance||National Statistician|
|Legal Services||Providing support to the Data Protection Officer||National Statistician|
|Chief Security Officer||Ensuring all systems are compliant||National Statistician|
|KIM Manager||Records management and document storage||Chief Security Officer|
Download this table.xls .csv
This policy forms part of the Office for National Statistics’s (ONS’s) policy framework and specifically relates to the following ONS policies:Back to table of contents