Information Management

This infoKit is a strand within the Information Management resource. Use one of the following links to view more on a particular lifecycle phase.

How Long Should Information Be Kept For?

In an age where storage costs are relatively cheap (at least for electronic information), it can often be tempting to assume that the best route is to keep everything. However, this approach does lead to significant costs, even if many of them - such as decreased efficiency thanks to the amount of time taken to find the information required - are often hidden.

There are also considerable risks associated with keeping everything. All content held by (or on behalf of) an institution is potentially disclosable under the Freedom Of Information Act or as part of any other form of legal discovery exercise. Many organisations have found themselves in damaging or embarrassing situations thanks to the disclosure of information they still held, but had forgotten all about...

By using a consistent and objective set of criteria for determining how long your information should be retained, not only do you decrease the chances of important information being mistakenly deleted too soon, but you are also in a position to defend your inability to produce information requested under FOI.

The Drivers Governing Information Retention

There are a number of factors which can influence how long your information should be retained for. In broad terms, they can be divided into two main camps: internal and external factors.

Internal factors will primarily be determined by operational considerations, for example how long the information is likely to be needed both to fulfil the purpose for which it was originally created, but also for any secondary purposes. However, it is also important to consider the longer term historical perspective and whether the information in question is likely to be of interest to future generations as part of the documentary record of the development of the institution. The Guidance on the appraisal of archival records provides further information on making this decision.

External factors will be largely governed by legal and regulatory requirements. Many pieces of legislation will have statutes of limitations stated within them which helps define the minimum amount of time information covered by that legislation should be kept to ensure any subsequent legal challenge can be resolved.

"Statute of Limitation: 'A statute of limitations is a statute in a common law legal system that sets forth the maximum period of time, after certain events, that legal proceedings based on those events may be initiated. In civil law systems, similar provisions are usually part of the civil code or criminal code and are often known collectively as 'periods of prescription' or "prescriptive periods"

Taken from the Wikipedia entry for Statute of Limitations on 20 July 2007⁴

Although sometimes less clear cut, it is often possible to determine similar periods implicit within sector-specific regulation which can also be used as a guide.

Risk Management

It is perhaps worth remembering that all decisions regarding the retention of information is based on the management of risk. Even where limitation periods are clearly defined this only represents the minimum amount of time the information should be retained for - there may still be other factors which mean a longer period may be justified. Conversely, a shorter period could be considered where the volume of information covered is high and the perceived likelihood of it being required very low.