Mae hwn yn fersiwn HTML o atodiad i'r cais Rhyddid Gwybodaeth 'Retention and deletion of emails'.

Information Management Manual 
 
Business Owner’s Name  Elizabeth Barber – Records Manager
Tel: 03000 415812 
xxxxxxxxx.xxxxxx@xxxx.xxx.xx
Version 
Version 3.2  January 2020
 
Contents 
 
1.
 
Introduction ................................................................................................................... 5 
2.  
Management Roles and Responsibilities ................................................................... 5 
2.1 
Provision for records management in individual service units............................ 6 
2.2 
Induction Programme ........................................................................................ 6 
2.3 
Records Management Training .......................................................................... 6 
3. 
What is Records Management? ................................................................................... 6 
3.1 
Definition of Records Management .................................................................... 6 
3.2 
Characteristics of a Record ................................................................................ 7 
4. 
Overarching Principles ................................................................................................. 7 
4.1 
Information is a business requirement ............................................................... 7 
4.2 
Information is an asset ....................................................................................... 7 
4.3 
Information Security ........................................................................................... 7 
4.4 
Information Systems .......................................................................................... 8 
5. 
Service Unit Requirements .......................................................................................... 8 
5.1 
Understanding the role information plays in service delivery ............................. 8 
5.1.1  Identifying information created for statutory or compliance purposes ..... 8 
5.1.2  Identifying information created to support service delivery ..................... 9 
5.1.3  Recording Information ............................................................................ 9 
5.2 
Identifying Information Sets ............................................................................... 9 
5.3 
Requirements for Information Systems .............................................................. 9 
Figure 1  Identifying and Documenting Information Sets ............................................... 10 
6. 
The Information Management Lifecycle ...................................................................... 11 
Figure 2: Information Management Lifecycle .................................................................. 11 
7 
Creation, Collection (Capture) and Classification ...................................................... 11 
7.1 
Creation ............................................................................................................. 11 
7.1.1   Principal Copies ..................................................................................... 12 
7.1.2   Principal Record Keepers ...................................................................... 12 
7.1.3   Business Critical Information ................................................................. 12 
7.1.4  Managing Duplicate and Non-Business Critical Information ................... 13 
7.2 
Capture (Collection) ........................................................................................... 14 
7.2.1  Capturing Physical Information ............................................................... 14 
7.2.2  Transfer of information between physical and digital formats ................. 15 
7.2.3  Information held in digital format ............................................................. 15 
7.2.4  Hybrid Systems ...................................................................................... 17 
7.3 
Classification of Records ................................................................................... 17 
7.3.1  Classification of Records - General ........................................................ 17 
7.3.2  Classification of Records – Protective Marking Scheme ........................ 18 
7.3.3  File Naming Conventions ....................................................................... 19 
7.3.3a   Benefits of using file naming conventions ............................................ 20 
7.3.3b   Preparing to implement file naming conventions ................................. 20 
7.3.3c   Folder Structures ................................................................................. 20 
7.3.3d   Developing a file naming convention ................................................... 21 
1 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
8. 
Storage and Retrieval ................................................................................................... 24 
8.1 
Storage .............................................................................................................. 24 
8.1.1   Storage of Principal Copies ................................................................... 24 
8.1.2   Duplicate or Reference Copies .............................................................. 25 
8.1.3   Storage Requirements for Physical Information .................................... 25 
8.1.4  Storage Requirements for Electronic Records ........................................ 26 
8.2 
Information Security ........................................................................................... 27 
8.2.1  Managing Information Securely .............................................................. 27 
8.2.2  Protecting information in the workplace .................................................. 27 
8.2.3  Securing Electronic Information .............................................................. 27 
8.2.4  Information Risk Assessment ................................................................. 27 
8.3 
Archiving Information ......................................................................................... 28 
8.3.1  Physical Information ............................................................................... 28 
8.3.2  Electronic Information ............................................................................. 28 
8.4 
Retrieval............................................................................................................. 29 
8.4.1  Creating and Implementing Tracking Systems ....................................... 29 
8.5 
Business Continuity ........................................................................................... 29 
8.5.1  Back ups ................................................................................................. 29 
8.5.2  Business Continuity Plans ...................................................................... 30 
8.5.3  Digital Continuity ..................................................................................... 30 
8.6 
Data Sharing ...................................................................................................... 30 
8.7 
What to do when a data breach occurs? ........................................................... 31 
9. 
Retention and Disposal ................................................................................................ 31 
9.1 
Record Retention ............................................................................................... 31 
9.1.1  Allocating Retention Periods................................................................... 31 
9.1.2  Recording Retention Periods .................................................................. 32 
9.1.3  Retention Schedule ................................................................................ 32 
9.1.4  Using the Retention Schedule ................................................................ 32 
9.2 
Identifying Information for Permanent Historical Preservation ........................... 32 
9.2.1  Information Stored with the Records Management Service (RMS) ........ 32 
9.2.2  Information Stored in Individual Service Units ........................................ 32 
9.2.3  Permanent Preservation of Electronic Records ...................................... 33 
9.3 
Identifying Information for Disposal .................................................................... 33 
9.3.1  Roles and Responsibilities...................................................................... 33 
9.3.2  Managing Principal Copies and Duplicate Copies .................................. 34 
9.4 
Requirements for the Disposal of Information – Physical .................................. 34 
9.4.1  Information protectively marked “NOT PROTECTIVELY MARKED” ...... 34 
9.4.2  Information protectively marked "OFFICIAL" .......................................... 34 
9.4.3  Information with the protective marking "OFFICIAL - SENSITIVE" ......... 35 
9.4.4  Disposal of Information held in the Records Management Service ........ 35 
9.5 
Disposal of Digital Records ................................................................................ 35 
9.6 
Disposal schedules ............................................................................................ 36 
CHECKLISTS .............................................................................................................................. 37 
Checklist 1: 
Records Capture Process ............................................................................... 37 
Checklist 2: 
Physical Storage Requirements ..................................................................... 38 
2.1 
Standard Requirements ..................................................................................... 38 
2.2 
Requirements for storage used solely for records storage ................................ 38 
Checklist 3: 
Inspection of Physical Storage Areas ............................................................ 40 
Checklist 4: 
Mandatory Training Requirements ................................................................. 41 
Checklist 5: 
Information Risk Assessment Template ........................................................ 42 
Introduction ..................................................................................................................... 42 
2 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Risk Assessment ............................................................................................................ 43 
DETAILED DEFINITIONS ........................................................................................................... 44 
Clear Desk Policy ............................................................................................................ 44 
Empty Desk Policy .......................................................................................................... 44 
Lockable Storage ............................................................................................................ 44 
SPECIALIST GUIDANCE ............................................................................................................ 45 
Specialist Guidance 1:  Specification for External Storage Provider ................................... 45 
SG1 
Premises and Staff ............................................................................................ 45 
SG2 
Storage .............................................................................................................. 45 
SG3 
Retrieval of Boxes .............................................................................................. 46 
SG4 
Disposal of Records ........................................................................................... 47 
Specialist Guidance 2:  Managing Shared Storage ............................................................... 47 
SG2.1  Allocation of Storage ......................................................................................... 47 
SG2.2  Managing Shared Storage ................................................................................. 48 
SG2.3  Developing Local Procedures ............................................................................ 48 
SG2.4  Dealing With Unauthorised Access ................................................................... 48 
SG2.5  Managing Lockable Storage .............................................................................. 49 
Specialist Guidance 3:  Managing Email ................................................................................ 49 
SG3.1  Email Received by KCC from outside the organisation ..................................... 49 
SG3.2  Allocating Principal Record Keeper to Emails ................................................... 50 
SG3.3  Managing Attachments ...................................................................................... 50 
SG3.4  Email Storage .................................................................................................... 50 
SG3.5  Email Subject Headings .................................................................................... 51 
SG3.6  Assigning a Protective Marking Category to an Email ....................................... 52 
Ten Tips to Help Manage Email ...................................................................................... 53 
Specialist Guidance 4:  Removing Physical Records from KCC Premises ......................... 56 
SG4.1  General Principles ............................................................................................. 56 
SG4.2  Transporting Records ........................................................................................ 56 
SG4.3  Returning Records to the Work Area ................................................................. 56 
SG4.4  Overnight Storage ............................................................................................. 56 
SG4.5  Missing Records ................................................................................................ 56 
SG4.6  Management Responsibilities ............................................................................ 57 
SG4.7  Protecting information in transit ......................................................................... 57 
Transporting Physical Information ..................................................................... 57 
Transporting Electronic Information ................................................................... 58 
Aide Memoire for Transporting Personal Information ...................................................... 59 
Specialist Guidance 5:  Digital Continuity .............................................................................. 60 
SG5.1  The Purpose of Digital Continuity Statements ................................................... 60 
SG5.2  Exemplar Digital Continuity Statement .............................................................. 60 
SG5.3  Software Licences ............................................................................................. 61 
SG5.4  Encryption and Password Protection ................................................................. 61 
SG5.5  Managing Digital Continuity and Email .............................................................. 61 
SG5.6  Allocation of Resources ..................................................................................... 61 
SG5.7  Storage of records ............................................................................................. 62 
SG5.8  Migration of Electronic Data .............................................................................. 62 
SG5.9  Degradation of Electronic Documents ............................................................... 62 
SG5.10  Managing Systems .......................................................................................... 63 
SG5.11  Internationally Recognized File Formats ......................................................... 63 
Table 1:  Guide to the mapping of source format to document format ........................... 64 
Specialist Guidance 6:  Managing Information Security in Open and Shared Environments
 

65 
3 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
SG6.1  Roles and Responsibilities ................................................................................ 65 
Line Managers ................................................................................................... 65 
New Ways of Working Project Responsibilities .................................................. 65 
Information Governance Group Responsibilities ................................................ 65 
SG6.2  Managing Confidentiality ................................................................................... 66 
Requirements for Confidentiality ........................................................................ 66 
Risks Presented by Shared Working Areas ....................................................... 66 
SG6.3  Creation and Management of Zones ................................................................. 66 
Creation of Working Zones ................................................................................ 66 
Managing the Use of Working Zones ................................................................. 67 
SG6.4  Managing Shared Storage ................................................................................. 67 
SG6.5  Managing Communal Areas .............................................................................. 68 
Routes to Kitchens and Toilets .......................................................................... 68 
Use of Break Out Areas and Hot Desking Areas ............................................... 68 
Specialist Guidance 7:  Working Away From The Office ...................................................... 68 
SG7.1  Roles and Responsibilities ................................................................................ 69 
Corporate Responsibilities ................................................................................. 69 
Management Responsibilities ............................................................................ 69 
Employee Responsibilities ................................................................................. 70 
SG7.2  Management of records used by staff working at home .................................... 70 
Checking records in and out of the office ........................................................... 70 
SG7.3  Transporting Records ........................................................................................ 70 
SG7.4  Managing records held away from the office ..................................................... 70 
Managing Physical Records .............................................................................. 70 
Archiving Physical Records ............................................................................... 71 
Retrieving Archived Records ............................................................................. 71 
Disposal of Records ........................................................................................... 71 
Managing Electronic Information ....................................................................... 72 
SG7.5  Maintaining Confidentiality ................................................................................. 72 
SG7.6  Lost or Stolen Data ............................................................................................ 72 
SG7.7  Leaving KCC Employment ................................................................................ 73 
SG7.8  Exceptional Situations ....................................................................................... 74 
Long Term Sick Leave ....................................................................................... 74 
Disciplinary or Capability Procedures ................................................................ 74 
Specialist Guidance 8:  Partnership Working ........................................................................ 75 
SG8.1  Introduction ........................................................................................................ 75 
SG8.2  Agreeing to Share Information ........................................................................... 75 
SG8.3  Identifying the Principal Record Keeper ............................................................ 76 
SG8.4  Assigning Protective Marking categories ........................................................... 76 
SG8.5  Records Storage ................................................................................................ 76 
SG8.6  Record Retention ............................................................................................... 76 
SG8.7  Record Disposal ................................................................................................ 76 
Specialist Guidance 9:  Managing Project Information ......................................................... 76 
SG9.1  Roles and Responsibilities ................................................................................ 77 
SG9.2  Record Retention ............................................................................................... 77 
SG9.3  Access to Information ........................................................................................ 77 
SG9.4  Information Created and Owned by a Third Party ............................................. 78 
SG9.5  Action at the End of the Project ......................................................................... 78 
Specialist Guidance 10:  Information Management as part of Change Management .......... 79 
SG10.1  Management Roles and Responsibilities ......................................................... 79 
SG10.2  Management of Electronic Records ................................................................. 79 
4 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
SG10.3  Records Management Procedures .................................................................. 79 
SG10.4  Transition Arrangements ................................................................................. 80 
SG10.5  Completing the Transition Process .................................................................. 81 
Specialist Guidance 11: Criteria for Selecting Information for Historical Preservation ...... 82 
Useful Contacts and Resources ............................................................................................... 83 
Useful Contacts ............................................................................................................... 83 
Resources ....................................................................................................................... 83 
GLOSSARY OF TERMS ............................................................................................................. 84 
 
1. 

Introduction 
 
Kent County Council is committed to creating, keeping and managing information to document its 
principal activities. The minimum requirements for managing information are laid out in the 
Records Management Policy. 
 
The Information Management Manual contains information to support managers in implementing 
the Records Management Policy. 
 
This manual is reviewed periodically to ensure that it reflects policy or legislative changes.
 
This manual relates to all information regardless of the media in which the information is stored.
 
2.  
Management Roles and Responsibilities 
 
Managers are responsible for ensuring that appropriate records are created and managed to 
support their business function(s) and to defend the organisation’s liability in the different business 
processes. This includes: 
  ensuring that adequate records are kept of the activities for which they are responsible and 
that these records are properly classified;
  identifying business critical records and ensuring these are properly maintained [see 
section 7.5] and ensuring that they are included in a salvage plan so that they can be 
salvaged in the event of an emergency [see section 11.6.2];
  identifying which members of the team are principal record keepers [see section 7.4] and 
identifying which members of staff need to undertake the mandatory training and ensuring 
that the training is completed; 
  ensuring that information sets and information assets are identified and added to the 
Corporate Information Asset Register maintained by the Corporate Records Manager and 
have been assigned an information asset owner1;
  ensuring that the appropriate information security measures are in place, resourced and 
monitored [see section 4.3]; 
  ensuring that storage facilities are fit for purpose for both physical and electronic records 
[see section 14.5] and securing any necessary resource for the storage and management 
of records and identifying any shortfall in resources ;
  ensure that the necessary resources are available to support records which are named in a 
Digital Continuity Statement [see 8.5.3 below];
  disposing of information in accordance with the corporate retention schedule, using the 
appropriate method of disposal and ensuring responsibility is assigned to an appropriate 
employee. [see section 9] 
 
1 The Corporate Information Asset Register is held as a database in a.k.a. software and will be available via html feed 
on K-NET. 
5 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
2.1  Provision for records management in individual service units 
 
Managers shall assign a records management role within their service unit(s). This may be a 
dedicated post or included with other responsibilities. Where appropriate the corporate records 
manager should be consulted to ensure that the correct skills and requirements are included in 
any job description and/or person specification.
 
Those assigned a Records Management role must work closely with the Corporate Records 
Manager to ensure local procedures meet corporate requirements.
 
Those members of staff assigned a records management role must complete the Records 
Management e-learning module 
 
2.2  Induction Programme 
 
All new employees should be made aware of the records management requirements laid down in 
this manual as part of their induction programme. 
 
See the Induction Checklist for Managers  
 
2.3  Records Management Training 
 
The Records Management E-Learning module is mandatory for all members of staff who are 
responsible for creating, managing, filing, storing or disposing of records as part of their job role. 
 
If you are unsure about whether a member of your team needs to complete the mandatory records 
management training please see the training needs analysis checklist on KNET or Checklist 4 
below. 
 
3. 
What is Records Management? 
 
3.1  Definition of Records Management 
 
ISO 15489 defines records management as: 
 
field of management responsible for the efficient and systematic control of the creation, 
receipt, maintenance, use and disposition of records, including processes for capturing and 
maintaining evidence of and information about business activities and transactions in the 
form of records 

 
In KCC we use the term “information management” rather than “records management”. For the 
purposes of this manual the term information is used to describe any document, image, record or 
data stored or held for business purposes using any media. 
 
Where the information is a Principal Copy [see 7.1.1] and is business critical [see 7.1.3], systems 
must be in place to ensure that it has all the characteristics of a record2: 
 
 
2 These are the requirements which ensure evidential weight should the information need to be used in a legal case 
or, for example, to justify the actions which the organisation has taken to the Local Government Ombudsman. 
6 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
3.2  Characteristics of a Record 
 
 
 
Authentic 
Reliable 
Authentic records are those created and/or sent by 
Reliable records3 are those whose contents can be 
the person who says they have created and/or sent it,  trusted as a full and accurate representation of the 
at the time they say they created and/or sent it. 

transactions, activities or facts to which they attest 
and can be depended upon in the course of 
subsequent transactions or activities.  

Accurate 
Useable 
The integrity of a record refers to it being complete 
Useable records are those that can be located, 
and unaltered. It is necessary that a record be 
retrieved, presented and interpreted. It should be 
protected against unauthorised alteration. Records 
capable of subsequent presentation as directly 
management policies and procedures should specify 
connected to the business activity or transaction 
what additions or annotations may be authorised, and  that produced it. The links between records that 
who is authorised to make them. Any authorised 

document a sequence of activities should be 
annotation, addition or deletion to a record should be 
maintained. 
explicitly indicated and traceable. 
 
4. 

Overarching Principles 
 
4.1  Information is a business requirement 
 
 
4.1.1  KCC is committed to creating, keeping and managing records of its activities. In many 
cases this is a statutory duty. 
 
 
4.1.2  Information is created or collected on a daily basis across the organisation. The value of 
information is dependent on how important it is to critical business activities and the impact 
on the business if it were disclosed, inaccurate or unavailable.
 
 
4.2  Information is an asset  
 
 
4.2.1  Information is an organisational asset that provides evidence of compliance with statutory 
duties and legal obligations and records business transactions.
 
 
4.2.2  All information created and managed by employees during their working hours is owned by 
KCC.  
 
 
 
In the same way that more tangible assets (such as equipment) need to be managed to get 
the best value from them, information must be managed from creation to disposal.
 
 
4.2.3  In order to get the best from KCC’s information assets, the organisation needs to ensure 
that it understands what its information assets are, therefore, all KCC’s information sets will 
be recorded in an inventory which will form part of the Information Asset Register [IAR].
 
 
4.3  Information Security 
 
 
4.3.1  Information that is of value to the business and/or contains personal or sensitive data must 
be appropriately protected throughout its lifecycle, including its secure disposal. This 
 
3 Records should be created at the time of the transaction or incident to which they relate, or soon afterwards, by 
individuals who have direct knowledge of the facts or by instruments routinely used within the business to conduct 
7 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
requires appropriate technical and organisational measures to be in place. 
 
 
4.3.2  KCC has adopted a risk management approach to information security. This considers the 
impact on the organisation in the event that information is inappropriately disclosed 
(Confidentiality), becomes unavailable or lost (Availability), or is inaccurate or of poor 
quality (Integrity). 
 
 
 
This includes business continuity (ensuring protection from loss or damage by fire, flood, 
theft or other emergency outside of normal business provision), proper management of 
electronic systems to ensure that electronic data is not lost, damaged or corrupted, 
ensuring that information is accessible throughout its operational life and ensuring that 
retention periods are allocated so that information is destroyed in line with agreed policy.
 
 
 
4.4  Information Systems 
 
 
4.4.1  Information may be held in digital or paper-based systems, or hybrid systems that combine 
both. Information Systems must be fit for purpose with risks assessed and periodically 
reviewed. 
 
 
4.4.2  Projects that create or make significant changes to Information Systems must consider the 
records management life-cycle, offer appropriate protection and assess their impact on 
privacy.  
 
 
 
This will include an information risk assessment and the capability to delete records at the 
end of their retention period. 
 
 
4.4.3  When purchasing new systems it is important that internationally recognised file formats 
are used wherever possible (listed in SG5.11) as using bespoke file formats which may 
prove difficult to migrate when systems are retired.
 
5. 
Service Unit Requirements 
 
5.1  Understanding the role information plays in service delivery 

 
 
5.1.1  Identifying information created for statutory or compliance purposes 
 
The majority of the records created, held and managed within KCC are created as part of a legal or 
statutory process. 
 
Each service unit must understand the legislative framework in which they operate and the way 
information is used to support the work they do. This information must be documented and included 
in the inventory [see section 4.2.3 above].
 
In some cases, statutory retention periods apply. Where this is not the case, the retention period 
should be determined by the service manager in consultation with the corporate records manager. 
The retention period allocated to each information asset is directly dependent on the purpose for 
which it was created. 
 
Information relating to the legislative framework for individual units will be collected in the first phase 
of the Information Surveys. Once the first phase of the information surveys have been completed it 
8 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
will be the responsibility of individual service unit managers to ensure that the Corporate Records 
Manager is supplied with this information when the legislative framework changes. 
 
5.1.2  Identifying information created to support service delivery
 
Whilst information is frequently used to support service delivery rather than for statutory or compliance
purposes, it is likely to include elements of both. 
 
A good example of this is a project file, some information such as a contract, financial information or 
design drawings will be part of a statutory process, other information such as correspondence, site 
meeting minutes, meeting agendas may not be part of a statutory process. 
 
Allocating retention periods to this kind of information can be more difficult and is usually based on 
individual service unit needs. This information can still be business critical information and where it is 
a principal copy it will still be treated as core to business delivery.
 
5.1.3  Recording Information 
 
Service Units should document each business process together with a note of the information 
created at each part of the process (and which information may be disposed of as part of the 
process). 
 
Service Units should also document which information supports service delivery and that which is 
required to meet statutory or compliance obligations.
 
5.2  Identifying Information Sets 
 
 
5.2.1  Service Units must identify records they are required to create and retain to support their 
work (see Figure 1 below).  
 
 
5.2.2  This information will be included in the inventory which forms part of the Corporate 
Information Asset Register.  
 
5.3  Requirements for Information Systems 
 
Each information management system used to manage physical and digital information must meet 
the information security standards required for the protective marking category assigned to the 
information [see 5.4 below].
 
These requirements should be identified and documented before the procurement of any new 
information system begins and should be clearly included in the specification. Where appropriate 
these requirements should include any legal admissibility or evidential weight standards. This will 
apply predominantly to the format in which digital data is stored.
 
This information is captured as part of ICT procedures for electronic systems. 
 
 
9 | P a g e  
 










Information Management Manual Version 3.2: January 2020 
 
Figure 1 
Identifying and Documenting Information Sets 
 
Analyse and document the 
business process and identify the 
information/records which are key 
to the process;
Ascertain and document whether 
Assign a protective marking 
the information is the principal 
category to the information
copy and if so who is the principal 
record keeper;
Document any information sharing 
Assess and document whether the 
requirements with partner 
information is used by other 
organisations;
service units across the authority;
Assess and document whether the 
information is “business critical” 
Assess and document the length of 
(i.e. how serious the impact would 
time that the information needs to 
be if the information was lost, 
be retained;
damaged or stolen);
 
10 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
6. 
The Information Management Lifecycle 
 
This process is usually called the records lifecycle, but as at KCC we use the term “information” 
rather than “records”, this section is entitled the Information Management Lifecycle. 
 
This simplified information management lifecycle consists of three stages which information will go 
through from creation to disposal. These are shown below in diagrammatic form: 
 
Creation, 
Collection and 
Classification
Storage and 
Retrieval
Retention and 
Disposal
 
 
Figure 2: Information Management Lifecycle 
 
Each element of the Information Management Lifecycle will be covered separately in: 
 
Section 7: 
Creation, Collection and Classification
Section 8: 
Storage and Retrieval 
Section 9: 
Retention and Disposal 
 

Creation, Collection (Capture) and Classification 
 
KCC staff create information throughout the working day and KCC also receives information from 
outside agencies, members of the public, partnership organisations and central government. All of 
this information needs to be collected and classified so it can be retrieved when it is required.
 
7.1  Creation 
 
For the purpose of this manual, the term creation is only being applied to the information which is 
created within the authority.
 
Most of the information created within the authority will either be for a statutory purpose or to 
support a business function. If members of staff know why they are creating the records then they 
will have a better understanding about how to manage them effectively.
 
11 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
7.1.1   Principal Copies 
 
Principal copies of information consist of the master set of documents which will make up the 
record of any transaction in the organisation. Groups of documents will include contract 
documentation, project documentation, financial records, personnel records, records of meetings 
amongst others. 
 
The principal copy of any information will be the one used to protect the organisation’s liability in 
any future legal action or complaint or to support service delivery.
 
It is strongly recommended that individual managers create and maintain a register of the 
principal records held in the unit, the name of the principal record keeper and the location 
of the principal copy of the record. This information can then be used as the basis for a 
salvage plan. This information will also need to be included in the inventory which forms 
part of the information asset register and the information risk register. 
 
7.1.2   
Principal Record Keepers
 
The person or team who holds the principal copy of the information is called the principal record 
keeper (in other words they are holding the information which records the activity). It is the 
responsibility of the Principal Record Keeper to ensure that the “principal” record is managed 
properly in line with the retention periods laid out in the corporate retention schedule which, 
currently, can be found on KNET.  
 
If a principal record keeper is not identified then there will always be confusion about which copy 
of the information is the principal copy. Where this confusion exists usually either all the copies of 
the information are kept (which means that the organisation is storing more information than it 
requires) or that all the copies of the information are destroyed (which means that the organisation 
could be vulnerable to legal challenge in the future). 
 
It is the responsibility of the principal record keeper to ensure that the information is transferred if 
the post-holder is replaced or if a restructure takes place. This should ensure that information is 
not “lost” when a restructure takes place or the post holder moves on.
 
7.1.3   
Business Critical Information
 
It is important to identify information which is business critical so that resources are not wasted on 
managing information which is not critical to the business function (or which could be replaced 
relatively easily from other sources). It is also important to distinguish between business critical 
records and non-business critical records for business continuity purposes. 
 
It is strongly recommended that individual managers create and maintain a register of the 
business critical information in the unit, the responsible member of staff and its location. 
This information can then be used as the basis for a salvage plan. This information will also 
need to be included in any inventory which is created and any information risk register 
which is created.  
 
Business critical information is the information without which the organisation cannot continue its 
business. It is probable that these will be the principal copies of information which could not be 
replaced if they were to be lost or damaged. Loss of the information would result in serious 
consequences either in the loss of life or in the organisation’s inability to fulfil its statutory 
12 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
obligations or in the organisation’s inability to defend itself in a legal case. 
 
Business Critical status can be allocated to the records at creation using the retention schedule or 
through the use of an inventory. 
 
7.1.4  Managing Duplicate and Non-Business Critical Information
 
Most employees will hold some principal copies and some duplicate records.  
 
Duplicate information is the information which individual employees retain for operational purposes 
(for example, minutes of meetings attended or copies of reports presented to meetings, agendas, 
reference material and so on). This information is usually managed outside of the principal filing 
system. 
 
For example the main file on a project may be held by the project manager but an individual 
member of staff may hold their own working papers. The final piece of work is included on 
the project file but the working papers do not need to be included on the file and should be 
disposed of. 

 
Duplicate information is also subject to disclosure under the Freedom of Information Act 2000 and 
the Environmental Information Regulations 1992. The retention of duplicate information may also 
constitute a breach of the General Data Protection Regulations 2016 and the Data Protection Act 
2018. 
 
Where the information is used for reference purposes which are available on line or on KNET, 
employees should store the link to the information and refer to the information held on line rather 
than downloading a copy. This will ensure that electronic systems are not clogged up with 
reference information which may not be up to date and which can be easily accessed elsewhere. 
 
If duplicate information is not clearly identified then usually it will be treated as a principal copy and 
“archived” rather than being disposed of which can lead to additional storage costs being incurred 
for both physical and electronic records.
 
Employees need to be aware, however, that if a “duplicate” document, for example an agenda, is 
annotated during the course of the meeting, the annotations may mean that the “duplicate” copy 
becomes a “principal” copy as the annotations are the only record of a discussion or decision. In 
this case the annotations do not include doodles or other comments unrelated to any decision or 
discussion that was taking place. If the annotations have made the document a “principal” copy 
then it should be treated as such.  
 
However, there is the risk that comments annotated on agendas and meeting minutes may 
become subject to disclosure under FoIA. It is strongly recommended that if the annotations are 
not relevant that this information is disposed of on return from the meeting. 
 
Duplicate and operational copies can and should be safely disposed of once they have reached 
the end of their operational use in line with the appropriate disposal requirements for their 
protective marking category (see section 7.3.2)
 
Duplicate information is likely to be non business critical information.
 
13 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
7.2  Capture (Collection) 
 
Once information has been created or received it will need to be captured in one of KCC’s record 
keeping systems so that it can be retrieved when required.
 
It is the responsibility of individual service units to ensure that the information which has been 
identified as business critical for the service unit is collected, classified4, stored and managed until 
the agreed retention period has been reached.
 
Information comes into the authority in two main formats:
 
  PHYSICAL 
Physical formats include paper, microfilm and objects
 
  DIGITAL 
Digital formats include MSOffice documents, CAD drawings, documents in pdf 
format and imaged captured in jpeg or tiff
 
Capturing information is resource intensive in terms of staff time and the cost of the storage so it is 
important to ensure that we only capture the information which is required. There is a checklist at 
the end of this section which can be used as a guide as to whether information should be 
captured. 
 
7.2.1  Capturing Physical Information
 
See Checklist 1 for guidance about how to recognize whether a record should be captured into a 
formal record keeping system. 
 
Principal Copies 
 
Physical information which is deemed to be a principal copy must be filed and stored in 
accordance with the requirements for its protective marking category (see 7.3.2 below). 
 
It is the responsibility of individual units to create and maintain an information management system 
which captures, manages and provides access to information for as long as it is required.
 
The information management system must ensure that the evidential value of the records can be 
demonstrated if required by showing them to have the characteristics of a record [see section 3.2].
 
Duplicate Copies 
 
Documents identified as being duplicate copies should be managed in accordance with the 
general requirements relating to its protective marking even though it may be stored outside the 
formal information management system [see checklist below]. 
 
The information security risks around unauthorised disclosure of information remain the same 
whether information is a principal copy or a duplicate copy. In fact, the risk can be higher if “copy” 
information is prone to be left lying around because it is not a principal copy and is not in a formal 
 
4 The term classification is used in this context to mean functional classification rather than security classification. 
Security classification is referred to as protective marking throughout this document. 
14 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
information management system. 
 
7.2.2  Transfer of information between physical and digital formats
 
Information may be sent to the organisation using digital or physical formats (i.e. paper 
documents). In some cases it is appropriate to hold information in both formats [see Specialist 
Guidance 5] 
 
In some instances it is be appropriate to print information which has been received in a digital 
format so that it can be included in a physical information management system This will usually be 
related to records which need to be retained for long periods of time. 
 
It may also be appropriate to convert information which is received by the organisation in physical 
format to digital format so that it can be maintained in a digital information management system.
 
Principal Copies 
 
Information which has been identified as being a principal copy can be scanned into a digital 
format and then stored in a digital system. 
 
Any scanned images which may need to be used as evidence must meet the requirements laid out 
in the BSI standard BIP008. For more detailed advice please contact the Records Manager.
 
There are some basic guidelines below:
 
  You must ensure that you have sufficient server space to store the scanned images – some 
scanned images, especially those containing colour can be quite large. You may wish to 
investigate appropriate methods of compressing the scanned image.
  Ensure that the scanner settings are set to the correct dpi, and that the finished image will be 
legible.  
  The scanned image must be stored in one of the file formats listed at SG5.11 preferably 
in pdf, pdf/A or jpg format. 
  Make sure that you have developed a consistent file naming policy for the scanned images so 
that they can be retrieved easily when they are required. [see 7.3.3 below] 
  If you are planning to destroy the physical information once a scanned image has been made 
then each scanned image must be checked for legibility before the physical information is 
disposed of. 
 
Duplicate Copies 
 
As digitising physical documents consumes resources (e.g. time and money), this process should 
not be considered for duplicate documents unless there is no other available option. 
 
7.2.3  Information held in digital format
 
Digital records relate to all records which are created or held in a digital format, this will include 
documents created in the MSOffice environment, documents held in pdf format and electronic 
mail. 
 
Although electronic mail (email) should not be treated differently to any other digital information 
there is a tendency for employees to treat email as though it were a different information category. 
15 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Therefore, all the requirements relating to email have been dealt with in a separate section [see 
Specialist Guidance 3 below]. 
 
Principal Copies 
 
Digital information identified as a principal copy must be filed and stored in a way that is 
appropriate to its protective marking (see section 7.3.2 ). 
 
Service Units are responsible for creating and maintaining an information management system 
that captures, manages and provides access to information for as long as it is required.
 
Information management systems must preserve the evidential value of the records by showing 
them to have the characteristics of a record [see section 3.2]
 
There are some basic steps to managing digital information listed below. This is not exhaustive 
and further information can be obtained from the Records Manager.
 
  Principal copies of digital information should not be held in an employee’s personal storage 
area (“H” drive) and must not be held on a laptop local hard drive. This is because:
o  It can be difficult to access or retrieve if the employee is absent or changes job ;
o  It may be lost if an employee leaves;
o  Evidence shows that personal storage areas are not well managed, and documents can 
become orphaned, out of date, or retained beyond their useful life. 
o  Any information held on a laptop hard drive is not backed up and if the laptop has to be 
rebuilt then all this information will be lost.
 
  Principal copies of digital information should be stored on team or shared drives with 
appropriate protection and security. There are exceptions where employees may be working 
on highly sensitive or confidential documents, such as disciplinary or other personnel matters. 
In these exceptional cases, employees may use personal storage areas with appropriate 
authorisation. 
 
  Employees may use their personal storage area whilst documents are in draft, but final 
principal copies must be transferred to the principal information management system when 
work is completed. 
 
  Service Units should operate a logical folder structure for shared drives or SharePoint sites, 
and ensure that information is not stored outside this folder structure. Each shared drive should 
have at least one “administrator” who is responsible for ensuring that information is correctly 
filed and that information is disposed of at the appropriate time.
 
  Service units should develop and manage a file naming policy for digital information to ensure 
that the content can be identified and filed in the correct folder, and can be retrieved when 
required. [see section 7.3.3]. 
 
  Digital information likely to be required for evidential purposes should be converted to PDF/A 
format5. PDF/A documents cannot be altered once the conversion has taken place. MSOffice 
documents are not usually acceptable as primary evidence, because they could easily be 
 
5 MSOffice 2010 has an Acrobat converter which comes as standard with the package and can be found under the tab 
“Acrobat” 
16 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
altered without leaving an audit trail. 
 
  Where possible digital formats should be compressed6 to ensure that the best use is made of 
the storage capacity which is available.
 
Duplicate Copies 
 
Digital information which has been identified as being a duplicate copy should be managed in 
accordance with the general requirements relating to its protective marking category even though 
it may be stored outside the formal information management system. 
 
The information security risks around unauthorised disclosure of information remain the same 
whether information is a principal copy or a duplicate copy. In fact, the risk can be higher if “copy” 
information is prone to be left lying around because it is not a principal copy and is not in a formal 
information management system. 
 
Employees may store duplicate copies in their “H” drive, however, individuals must have a method 
of disposing of duplicate information once its use has ended.
 
Password Protected and Encrypted Records
 
It may be necessary to use passwords to protect documents or to encrypt them. This is to ensure 
additional security when information is being transported either through the email system or on 
portable storage media. 
 
However, if the document is stored with the password or encryption still in place and the password 
is not available, then the information will be lost.
 
Information should be stored on KCC servers which are secure, which means that when the 
document is saved to a secured filing system the password protection and/or encryption should be 
removed.  
 
All digital records which are subject to a digital continuity must have password protection and/or 
encryption removed when they are prepared for “archiving”. [see Specialist Guidance 5]
 
7.2.4  Hybrid Systems 
 
Hybrid systems contain information which is held in both physical and digital formats.  
 
Where individual service units operate hybrid systems the two information management systems 
(See section 7.3.3) must use the same file naming policy to ensure that all the information can be 
retrieved when required regardless of the format in which it is stored.
 
7.3  Classification of Records 
 
7.3.1  Classification of Records - General
 
This section does not cover the security classification of information; this is known as Protective 
Marking in Kent County Council. [see section 7.3.2]
 
6 For advice about how to compress documents contact ICT 
17 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
Classification of records in this context ensures that all the records relating to individual subject 
matter (such as project documentation) or records relating to the same function (e.g. contracts) but 
managed across different units in the organisation are classified consistently and are all managed 
against the same set of rules laid down in the retention schedule.
 
All records created or received within the organisation should be classified into series or sets 
which have a meaningful titles and/or consistent reference codes. The file names and/or reference 
codes should conform to the criteria laid down in section 7.3.3. Where possible the principal record 
keeper should allocate principal copy information to the pre-defined classification scheme. This will 
assist in preventing the organic growth of idiosyncratic record keeping systems. 
 
Record titles should reflect their specific nature and contents so as to facilitate retrieval of the 
information. 
 
The classification scheme is based on the Local Government Classification Scheme which has 
been adapted for use in the County Council. Some of the categories will remain unused as they 
relate to District Council functions. 
 
Purpose of the Classification Scheme
 
The classification scheme allows consistent categories to be allocated to information regardless of 
where it is being stored and managed across the organisation. The classification scheme will be 
used as the framework for the information asset register, information risk register and retention 
schedule. 
 
Retention periods will be allocated to the categories in the classification scheme so that 
information is managed consistently across the organisation.
 
7.3.2  Classification of Records – Protective Marking Scheme
 
For more information see the Protective Marking Policy.
 
What is Protective Marking 
 
Protective Marking is a visible word on an electronic or paper document, email, communication or 
piece of information that indicates its sensitivity to all those who handle it. Protective markings may 
also be known as security classifications. Protective Marking is a visible word or phrase to indicate 
the sensitivity of the content of a document, email or other communication. 
 
How will Protective Marking be used?
 
Protective marking is not required for routine and non-sensitive information and communications 
or for information that can only be accessed by authorised users of the KCC’s ICT service.
 
Protective marking should be used when communicating the following:
 
  An employee’s sensitive or confidential information, for instance relating to their 
employment, pay, pension, health or wellbeing.
  A customer’s personal, sensitive or confidential information, for instance relating to their 
case management. 
18 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
  Information that may be political y or commercially sensitive.
  Personal or sensitive information sent to other public services.
 
The protective marking of a document or email will govern: 
  where it can be stored [see section 8.1] 
  how it may be transported [see Specialist Guidance 4.2] 
  with whom it may be shared [see section 8.6] 
  how it should be disposed of [see section 9.4].
 
In order to assist employees in protectively marking individual documents, an indicative marking 
has been assigned to each information group in the records inventory and the retention schedule. 
If further assistance is required please contact the Records Manager.
 
NOT PROTECTIVELY MARKED  
Anyone can view the information and it may be published on the web or in paper form 
(copyright unaffected). Use of this marking makes it clear that the document does not 
require protection and can be freely distributed.
 
OFFICIAL
 
This is the default classification for all non-sensitive information. It may be used for routine 
internal communications such as reports or papers at the author’s discretion. It must 
however be used on formal documents sent to other public services or agencies.
 
This category can also be used for information which is politically or commercially sensitive. 
If OFFICIAL is used in this context the information must not be forwarded without the 
permission of the originator7. 
 
OFFICIAL - SENSITIVE
  
The document or file contains information that must be handled with a higher level of 
security and care and must not be forwarded without the permission of the originator. This 
should be used for internal and inter-agency communications containing: 
a)  An employee’s sensitive or confidential information, for instance relating to their 
employment, pay, pension, health or wellbeing, ethnicity, sexual orientation, union 
membership. 
b)  A customer’s personal, sensitive or confidential information, for instance relating to their 
health, social care or case management.
c)  Information that may be political y or commercially sensitive.
d)  Personal or sensitive information sent to other public services.
 
CONFIDENTIAL
  
Use of this marking is strictly reserved for communications relating to an individual’s health 
or adult social care.
 
7.3.3  File Naming Conventions 
 
Members of staff will usually use one of two methods to retrieve electronic files. Either, they will 
use a free text search or they will navigate to the file using the folder structure and file names to 
reach the file that they require. Both approaches are acceptable, however, an imprecise free text 
search can bring up thousands of results, whereas, the correct use of file naming conventions can 
 
7 This is so that the category Official Sensitive can be reserved to mark personal information only. 
19 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
allow users to navigate directly to the electronic documents they wish to use. 
 
If you need any assistance in creating file naming conventions please contact the Records 
Manager. 
 
7.3.3a  
Benefits of using file naming conventions
 
  File naming conventions ensure that electronic documents are named consistently and allow 
users to distinguish between different documents without needing to open them. 
 
  File naming conventions allow documents to be sorted logically and ensure that related 
documents are grouped together.  
 
  File naming conventions also help users to determine the relevance of documents without 
needing to open the documents themselves.
 
  File naming conventions can also include version control and retention information which assist 
users to manage electronic documents effectively.
 
7.3.3b  
Preparing to implement file naming conventions
 
Folder structures and file naming conventions should be planned in advance to save having to 
change file names in order to match an evolving file naming convention.
 
If necessary, teams should run a test of the planned file naming conventions and folder structure 
to identify and resolve any anomalies before full implementation of the system. 
 
The team will need to consider how the records need to be arranged to facilitate retrieval. This 
may be alphabetically, numerically or chronologically. The method used will affect the decision 
about what information should be placed at the beginning of the file name. 
 
7.3.3c  
Folder Structures 
 
Different teams will need to implement different folder structures. If the team has a 
filing/classification scheme for physical records, it may be appropriate to use a similar structure for 
electronic records. 
 
Where possible the team should design the folder structure together to reflect the agreed 
workflow. If the team has no established workflow, then the team could take the opportunity to 
review and document their workflow. 
 
There should be at least one member of the team who takes responsibility for managing the folder 
structure once it has been implemented. This member of the team will be the only person 
permitted to change the folder structure or create new folders. 
 
Teams need to take into account the following points when developing a folder structure:
 
  Folders should be named according to function or service rather than organisation specific, 
departmental or personal names unless the content of the folders is demonstrably team 
focused. 
 
20 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
  Folders should describe the work that is being done not who is doing it. 
 
  The top two levels of a shared drive structure should map to a classification scheme. Lower 
levels can reflect the needs of the service or function.
 
For example: 
 
The top level folder might be entitled: 
European Funding Projects 
The next level folder might be entitled: 
Seven Seas Project
 
The folders underneath would then reflect the workflow and might include Finance, Marketing, 
Publications and so on or the team may decide to work on two levels and store all the documents 
in the level 2 folder. 
 
7.3.3d  
Developing a file naming convention
 
File naming conventions will take different formats across the organisation. The format that the file 
naming convention takes is flexible, but it must be consistent and folders monitored to ensure that 
the file naming convention is being used consistently.
 
Controlled Vocabularies 
 
Teams which operate in a regulated environment might want to consider the use of controlled 
vocabularies. 
 
A controlled vocabulary will usually consist of a list of agreed terms and how they should be used. 
Sometimes these will be provided by a professional body or industry standard; in other cases the 
team will develop the vocabulary themselves.
 
Controlled vocabularies can be especially useful if a number of teams are undertaking the same 
functions in different geographical areas, for example, Specialist Children’s Services. The use of a 
controlled vocabulary means that members of staff can move across teams and not have to spend 
time learning a new filing structure. 
 
The use of Controlled Vocabularies also enables documents to be retrieved consistently across 
the organisation in response to request for information.
 
An example of a Controlled Vocabulary might look like this: 
Project Plan 
PID 
Project Implementation Document use PID 
Funding 
Budget use Funding 
Project Plan 
Gantt Chart use Project Plan 
Milestone Review use Project Plan
 
For more information about developing Controlled Vocabularies please contact the Records 
Manager. 
 
 
21 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Version Control 
 
Some teams will deal with multiple versions of a document before the final version is completed. 
For example, policies or reports may go through a number of versions, with individual members of 
staff adding their comments before a final version is approved. 
 
These teams may wish to include version control in the file name. This is usually delineated by the 
use of the letter “v” followed by a version number.
 
For example: 
20151217InformationManagementManualv2
 
Protective Marking 
 
Teams dealing with personal and/or sensitive information may wish to include the protective 
marking in the file name. 
 
Common Elements of a Title 
 
Different teams will wish to use different elements to make up the team’s file naming convention 
and the elements may be used in a different order but there are some common elements which 
are likely to be included in most file names:
 
  Date 
  Subject 
  Document type [for example, Budget]
  Activity/Project Name 
  Name of the author or owner 
 
The following elements may be included where teams have specific requirements 
 
  Version number 
  Retention information [e.g. date of disposal]
 
The physical type of the document, for example, PowerPoint, Excel, Word etc. should not be used 
in the file name as the file extension gives this information.
 
For example: 
20151129SchoolsFinanceOfficersPresentation.ppt 
NOT 
20151129PowerPointPresentation.ppt
 
If the document is being stored in an hierarchical folder structure then the name of the folder 
should NOT be contained in the file name unless the file is going to be shared and the file name 
needs to show the document context. 
 
For example: 
A team might store their team meeting minutes in a folder called IRT Team Meeting. In this 
case the file name would probably look like this: 20151217minutes. 
 
However, if the team shares those minutes with another team on a regular basis, it makes 
22 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
the document content clearer if the words IRT Team Meeting are included in the file name. 
In this case the file name would probably look like this: 20151217IRT Team Meeting 
minutes 
 
Issues to bear in mind when creating a file naming convention
 
All the hints listed below are designed to assist teams in creating a file naming convention that is 
fit for purpose for their team. 
 
Different teams will create different file naming conventions but it is important to remember that the 
file naming convention should match the way in which the documents are to be retrieved and 
should be applied consistently across the whole team.
 
  The elements of the file name should be ordered in the most appropriate way to retrieve the 
document – the most important element first.
 
  The folder title should not be included in the file name unless the document is likely to be 
shared with other teams and the folder title gives the document context. 
 
  File names should be short but comprehensible. Always balance helpful description with 
being concise and formal. 
 
  Capital letters should be used to delineate words not spaces or hyphens as both MSOffice 
and SharePoint limit the size of file paths.
 
  When including a personal name in the file name give family name first followed by initial.
 
  The file names for correspondence should include the file name of the correspondent, an 
indication of the subject date of the correspondence and whether it is incoming or outgoing 
correspondence. 
 
  Numbers should include the right number of digits to ensure that the documents list 
correctly. The safest approach is to ensure that all numbers have 3 digits unless the team is 
likely to create more than a thousand documents in an individual section, in which case the 
numbers should have four digits. 
 
For example, 001 or 0001 rather than 1, 010 or 0010 instead of 10 or 0100 instead 
of 100 
 
  If using the date it should be stated back to front, using four digit years (2015), 2 digit 
months (12) and 2 digit days (02).
 
  Scanned or automatically generated file names should be changed to match the filing 
conventions. 
 
  Words describing format of a document should not be included in the file name.
 
  If the file naming convention is to include emails, then the words FW and RE should be 
removed from the titles of emails.
 
 
23 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Example of File Naming Convention 
 
The following file naming convention could be used for documents relating to an individual team 
meeting. 
 
YEAR  MONTH  DAY  NAME OF MEETING TYPE OF DOCUMENT DISPOSAL DATE
2015 
12 
26 
IRTTMeeting 
Minutes
2018 
2015 
12 
26 
IRTTMeeting 
Agenda
2018 
2015 
12 
26 
IRTTMeeting 
RMReport
2018 
 
The file names would look as follows: 
 
20151226IRRTMeetingAgenda2018 
20151226IRRTMeetingMinutes2018 
20151226IRRTMeetingRMReport2018 
 
The name of meeting column could be left out if the records are stored in a hierarchical folder 
structure and are not going to be shared with other teams who need to understand the document 
context. 
 
8. 
Storage and Retrieval 
 
Once information has been captured and classified, it is important to store it in a way that means it 
can be retrieved when required. The information must also be stored so that only those people 
who need to can get access to it. 
 
8.1  Storage 
 
It is the responsibility of individual managers to ensure that their service unit has enough storage 
for both the physical and electronic records which the unit creates and manages. The storage 
provided must meet the requirements for the protective marking category which it has been 
allocated. 
 
Music, photographs and videos may only be stored on KCC servers if they are work related. KCC 
storage facilities must not be used for the storage of any non-work related files. 
 
8.1.1   
Storage of Principal Copies
 
Principal copies in both physical or electronic format must be stored in a way that ensures 
protection from: 
 
  environmental damage such as fire, flood or insect infestation;
  theft or other means of unauthorised access;
  accidental loss or damage; 
  degradation over time. 
 
See Section 8.1.3 for the storage of physical information.  
See Section 8.1.4 for the storage of electronic information.
 
24 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
8.1.2   
Duplicate or Reference Copies
 
Duplicate or reference copies, in both physical and electronic format, do not need to be allocated 
the same resources for storage as principal copies as this information should be replaceable from 
other sources. 
 
However, duplicate copies must be protected from theft or other means of unauthorised access or 
accidental loss. The consequences of unauthorised disclosure of personal information will be the 
same whether the information is a principal copy or a duplicate copy. 
 
See Section 8.2 for Information Security requirements
 
8.1.3   

Storage Requirements for Physical Information
 
Physical information should be stored in either working office space, an archive room which meets 
the standards outlined in checklist 2 or with the Records Management Service. 
 
Where physical information is stored in working office space there are some basic minimum 
standards which need to be met to ensure that record storage is adequate and fit for purpose. The 
storage areas allocated to hold physical records must be adequate to accommodate and 
anticipate accruals. The storage areas set aside for physical records must be regularly inspected. 
[see Checklist 3] 
 
Use Checklist 2 to help you decide whether your physical records storage meets your 
requirements.  
 
Information with the protective marking “NOT PROTECTIVELY MARKED” 
 
The storage must meet the requirements in Checklist 2 but there are no further requirements.
 
Information with the protective marking "OFFICIAL”
 
Information which has the protective marking "OFFICIAL" or "OFFICIAL - SENSITIVE" must be 
stored so that unauthorised access, accidental loss or theft is prevented. The additional 
requirements are listed below: 
  sufficient lockable storage must be provided to accommodate all this information overnight 
and when it is not in use; 
  there must be a policy that all this information must be stored in the lockable storage 
overnight and when not in use and the keys are stored in a secure place; 
  individual employees handling this information must implement the "clear desk" 
requirements; 
  all cabinets and cupboards must be closed and locked when there is no one in the room.
 
Provided that the information is stored in locked cabinets when the premises are not occupied 
there should not be any need to introduce any further security measures. However, the situation 
should be monitored and if any further security measures are required these should be 
considered. These may include restricting access to cleaning staff when the office is unoccupied 
or restricting access to the building when the office is unoccupied.
25 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
8.1.4  Storage Requirements for Electronic Records
 
The storage used for electronic records should be designed so that records will remain accessible, 
authentic, reliable and useable. If records need to be retained for longer than 7 years you will need 
to follow the requirements listed in Specialist Guidance 5 below which are designed to ensure that 
digital records will still be accessible at the end of their statutory retention period. 
 
Where possible all electronic records should be stored on KCC servers which are being backed up 
on a regular basis. It is also easier to check that the information is still accessible if the information 
is kept on a KCC server. 
 
If this is not possible then you must follow the requirements laid out below. 
 
Records Protectively Marked “NOT PROTECTIVELY MARKED”
 
These should be stored on KCC servers where at all possible. If electronic records have to be 
taken off the servers due to lack of space or for other reasons they should be stored on an 
external hard drive that has been clearly labelled and is securely stored. The hard drive should be 
backed up a minimum of once a week and the records checked at least one every six months to 
ensure that the data is still accessible. 
 
If an external hard drive is not available then records may be copied to a CD/DVD if absolutely 
necessary. This is not a preferred option as the CD/DVD can get scratched or deteriorate. If this is 
the only option available then you should make at least two copies of the CD which are clearly 
labelled and securely stored in separate places. The documents must be checked at least once 
every six months to ensure that the data is still accessible.
 
Memory sticks/flash drives must not be used for the storage of electronic records as the 
information may corrupt much more easily, they are harder to label and easier to lose. If this is the 
only option available please ask for further advice from the Records Manager. 
 
Records Protectively Marked "OFFICIAL" or "OFFICIAL - SENSITIVE" 
 
Electronic records protectively marked “OFFICIAL” or "OFFICIAL - SENSITIVE" must be stored on 
KCC servers where at all possible. If records are taken off the servers due to lack of space or for 
other reasons they must be stored on an encrypted external hard drive which has been clearly 
labelled and securely stored. The hard drive should be backed up a minimum of once a week and 
the records checked at least once every six months to ensure that the data is still accessible. 
 
If a hard drive used for storing records is lost or stolen the encryption will ensure that the data 
cannot be accessed by a third party. However, each hard drive is allocated to a specific computer 
where it can be accessed without needing to put a password in. If the hard drive is inserted in any 
other machine it will require the encryption password to access the data. This makes it imperative 
that the password is stored securely and not lost as the data will then become inaccessible to an 
authorised user as well. The password should never be written on or attached to the drive itself.
 
Records in this category should not be burnt to a CD/DVD as this media cannot be encrypted.
 
Memory sticks/flash drives must not be used for the storage of this category of electronic records 
as the information may corrupt much more easily, they are harder to label and easier to lose. If this 
26 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
is the only option available the memory stick/flash drive must be encrypted and you should get 
advice from the Records Manager. 
 
8.2  Information Security 
 
8.2.1  Managing Information Securely
 
Managing information securely is about ensuring that the organisation recognises its information 
as an asset, ensures that it is accessible and usable all the time that it is required, and makes sure 
that information is protected from unauthorised access.
 
This includes ensuring that information 
  is handled appropriately in the working environment [see 8.2.2]; 
  is protected from unauthorised access [see 8.2.3]; 
  is transported appropriately [see 8.2.4]; 
  is stored and archived correctly [see 8.3]; 
  remains accessible and usable throughout the whole time that it is required [see see 8.4]; 
  is retained for the appropriate length of time and disposed of properly [see section 9]; 
  is included in business continuity plans [see 8.5.2] 
 
Where appropriate documents and records should be assigned appropriate protective markings 
see 7.3.2; 
 
8.2.2  Protecting information in the workplace
 
All storage requirements need to meet the requirements laid down in Checklist 2. There can be a 
danger of losing information if the storage provided is not used properly.
 
Where appropriate service units should introduce a Clear Desk Policy. A Clear Desk Policy should 
not be confused with an Empty Desk Policy.
 
8.2.3  Securing Electronic Information
 
When placing computers, screens should not be visible to people passing by (outside or inside the 
office). Where this is not possible special filters can be purchased which can be attached to the 
computer screen to make the information on the screen illegible to anyone not using the computer. 
The special filters should only be used where the information is sensitive. 
 
You must not share your log in and password with anyone else. This is a disciplinary matter and 
you are accountable for everything that happens whilst you are logged on. For this reason, you 
should not leave your computer for any length of time without locking the computer. This can be 
done by pressing CTRL+ALT+DEL and choosing the lock computer option. 
 
Electronic information assigned the protective marking "OFFICIAL" must not be stored on portable 
storage devices [see section 10.5]. Where unavoidable these devices must be encrypted and 
should be subject to a clear desk policy to ensure that they are properly secured. 
 
8.2.4  Information Risk Assessment 
 
In line with the ICO auditors’ recommendations, a risk assessment should be completed each time 
members of staff wish to take files containing sensitive personal information from their usual work 
27 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
space. 
 
Managers should be aware of the information which their team members are using. It may not be 
appropriate to undertake a risk assessment each time a member of the team takes sensitive 
personal data away from the work space but managers should work through the risk assessment 
template (see Checklist 5) periodically with members of staff to ensure that they are fully aware of 
the protocols. This could take place during appraisal or supervision meetings. 
 
 
8.3  Archiving Information 
 
"Archiving" information is a process which involves removing records from storage where they can 
be accessed immediately to another area which may take longer to access, but where the records 
are still available for use.  
 
Only principal copy records should be "archived", duplicate or reference material should be 
disposed of once it is no longer required.
 
8.3.1  Physical Information 
 
Physical records can be "archived" when they are no longer required on more than a monthly 
basis. As there are costs associated with the retrieval of documents then it is important to ensure 
that records are not "archived" whilst they are in regular use.
 
There are a number of different options for archiving records:
 
Record Rooms in Current Working Space
 
Some KCC buildings have record rooms on the premises and employees may prefer to use the 
record rooms on the premises. These record rooms must meet the requirements laid out in 
Checklist 2. The records must be clearly labelled and should be assigned an owner. These rooms 
should not be used as a "dumping" ground where records are left without a disposal date.
 
These rooms must have the proper levels of security and there should be a method of tracking 
who has access to the rooms. 
 
Transfer to the Records Management Service
 
KCC operates an in house records management service which provides a storage and retrieval 
service for this category of records. This is a recharged service. Further details can be obtained by 
contacting the Records Management Service Team.
 
Transfer to an External Storage Supplier
 
There may be occasions when a service unit may wish to transfer records to an external storage 
supplier other than the Records Management Service. This should only be done on the advice of 
the Records Manager and the external storage supplier must meet the specification laid out at 
Specialist Guidance 1. 
 
8.3.2  Electronic Information 
 
28 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Where possible electronic information should be "archived" on KCC servers. This may take the 
form of placing it in a different folder where it can sit out the retention period or may require the 
use of a different server. 
 
In this way the information is being routinely backed up and can be checked on a regular basis to 
ensure that the data is still accessible and readable.
 
If it is not possible to "archive" the data on KCC servers then data should be stored in line with the 
same requirements outlined in section 8.3.2.
 
8.4  Retrieval 
 
Service units should be able to retrieve their records when they are required. Retrieving records 
involves: 
 
  Storing records in a way that means that they can be accessed easily and using “tracker” 
systems to show who has records which have been retrieved from a record keeping system 
[see 8.4.1] 
  Ensuring that documents and records have been given titles in line with the file naming 
convention protocol [see 7.3.3] 
  Knowing how and when to transport information [see Specialist Guidance 4] 
  Knowing when and how to share data and what to do if data is misdirected, lost or stolen 
[see 8.7] 
  Knowing which file formats to use if the records are held in electronic format and have a 
retention period longer than 7 years see [Specialist Guidance 5]
 
8.4.1  Creating and Implementing Tracking Systems
 
A tracking system must be in place for each storage area where physical records are stored8. This 
procedure must be documented and should record at least who has the physical record and when 
it was taken from the system and when it was returned. 
 
There are a number of different methods for tracking files. A simple system is the use of a tracking 
card which replaces the file on the shelf. The tracker should contain at least the following 
information: 
  Name and contact telephone number;
  Location of the file 
  File reference (and if appropriate the name of the client or the project); 
  Date that the file has been taken and provisional return date.
 
Local procedures should include routine checks of the files which are checked out. If the files are 
no longer in use then arrangements should be made to return them to the storage area.
 
8.5  Business Continuity 
 
8.5.1  Back ups 
 
 
8 New Ways of Working storage consists of storewalls, cupboards and roller racking distributed through the 
building. Staff working in these areas do not have pedestals and should not keep physical records in their 
lockers. 
29 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
All electronic information should be stored in a way which ensures that it is backed up regularly 
[see section 8.3.2].  
 
The backup regime must meet corporately agreed standards and should be documented.
 
A test restore of back up data should be completed at least once a year of all business critical 
systems to ensure that the data can be restored in a usable format.
 
8.5.2  Business Continuity Plans 
 
Information is one of the key assets which KCC needs to carry out its business and therefore must 
be included in individual service unit business continuity plans. It is the responsibility of the service 
unit heads to ensure that all the information assets assigned to their service unit have been 
included in a business continuity plan.  
 
Individual Service Units should assess the risk to the unit if information is lost beyond recovery 
and how the Unit would continue to function in this situation. 
 
Duplicate or reference copy information should not be included in the business continuity plan.
 
The business continuity plan must identify resource requirements to ensure records continue to be 
maintained or securely recovered in the event of a disaster. This may include salvage of physical 
records or the restoration of back up records. 
 
8.5.3  Digital Continuity 
 
The long term preservation of digital records is more complex than the retention of physical 
records. A large number of service units create data in electronic format which needs to be 
retained for longer than 7 years. If this data is not retained in accessible formats service units will 
be unable to defend any legal challenge which may arise.
 
Although the average life of a computer system can be as little as 5 years, as digital continuity is 
resource intensive, only records which are required to be retained for 7 years (in line with the 
Limitation Act 1980) or longer will be subject to Digital Continuity Statements. 
 
All digital records which need to be retained for longer than 7 years need to be included in a Digital 
Continuity Statement. This will ensure that digital records are retained in a way that ensures they 
can be retrieved when required in an accessible format.
 
See Specialist Guidance 5 for further information.
 
8.6  Data Sharing 
 
Data sharing takes place right across the authority between employees and our partners. It is 
important that the data is shared with the right people in the right way.
 
Before you share data with agencies or partners outside the organisation you must check that you 
have their permission, and in the case of Sensitive Personal Data, the explicit consent of the data 
subject (other than where such sharing is a statutory requirement. This may already have been 
agreed as part of a data sharing agreement, such as the Kent and Medway Information Sharing 
Agreement, or have been agreed between partners in a project. This is especially important with 
30 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
information which has been protectively marked "OFFICIAL".
 
Where members of the public request access to information this should be dealt with in 
accordance with the Data Protection Policy, Freedom of Information Policy and Environmental 
Information Regulations. For more information about this please see the Information Governance 
section under Our Council on K-NET. 
 
8.7  What to do when a data breach occurs? 
 
All the information which you need to report a data breach can be found on KNET at  
https://kentcountycouncil.sharepoint.com/sites/KNet/_layouts/15/Doc.aspx?sourcedoc=%7B
23A04343-0CF8-4BD1-B06B-
1DA02CA71E53%7D&file=Data%20Breach%20Policy.docx&action=default&mobileredirect
=true&DefaultItemOpen=1 
 
9. 
Retention and Disposal 
 
9.1  Record Retention 
 
Each individual service unit should define how long they need to keep particular information and 
should dispose of it when they are no longer needed.
 
The service unit should be able to explain why information is no longer held when the information 
is requested under the Freedom of Information Act 2000 and ensure that personal information has 
been disposed of in accordance with the requirements of Article 5 section 1e of the General Data 
Protection Regulations 2016.9 
 
Record retention applies to all information regardless of the media in which it is stored.
 
9.1.1 
Allocating Retention Periods 
 
As a general principle, information should be kept for as long as it is needed by the service unit or 
the wider organisation: for reference or accountability purposes, to comply with regulatory 
requirements or to protect legal and other rights and interests. 
 
Retention periods are allocated using a number of different criteria, for example, statutory 
requirements, requirements made by external funders, industry best practice and operational 
need. 
 
Retention periods will be allocated to information as part of the information asset survey or in 
consultation with the Records Manager.
 
All retention periods which are allocated are minimum retention periods. Service units may need to 
retain information which is known to be the subject of litigation or a request for information has 
been received. If so, destruction should be delayed until the litigation is complete or, in the case of 
a request for information, all relevant complaint and appeal provisions have been exhausted. 
 
 
9 Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for 
the purposes for which the personal data are processed (Article 5.1e, General Data Protection Regulations 2016) 
31 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
9.1.2 
Recording Retention Periods
 
Retention periods will be recorded on the retention schedule as part of the information asset 
register and will be attached to each information asset.
 
9.1.3 
Retention Schedule 
 
The retention schedule lists the retention periods for information series right across the 
organisation. Currently the information is published on KNET at 
https://kentcountycouncil.sharepoint.com/sites/KNet/documentsmain/Retention Schedule.docx  
and is listed by function. 
 
If service units cannot locate an appropriate retention period for information they should contact 
the Records Manager. 
 
Once the inventory which forms part of the Information Asset Register has been completed, 
retention periods will be allocated to each information group and recorded in the inventory.
 
The retention schedule is updated on a quarterly basis.
 
9.1.4 
Using the Retention Schedule
 
In order to use the retention schedule effectively, service units must identify the point at which 
information is “closed” so that the retention period can begin. In some cases this will be governed 
by the business process, for example, last contact with a client. In other cases the trigger may be 
the end of the financial year. 
 
Service units will need to remember that where a file contains several volumes the retention period 
may be triggered by the last action on the final volume and that all the volumes need to be kept for 
the whole retention period.
 
9.2 
Identifying Information for Permanent Historical Preservation 
 
Information should be retained where it has long-term value for historical or other research and 
should be selected for permanent preservation.
 
9.2.1 
Information Stored with the Records Management Service (RMS) 
 
All information stored with the Records Management Service is appraised to assess whether it 
should be included in the historical archive.
 
For further information about this please contact the Heritage Services Manager at the Kent 
History and Library Centre.
 
9.2.2 
Information Stored in Individual Service Units
 
Information which is stored in individual service units should also be offered to the Heritage 
Services Team service for appraisal where it is appropriate. 
 
Individual service units should check the retention schedule to see whether the information has 
been identified as being of potential historical value.
32 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
Where information is offered to the Heritage Services Team any appropriate finding guides to 
ensure that the information can be identified and retrieved should be transferred alongside the 
records. This will assist with retrieving the information should there be any subsequent requests 
for information. 
 
If the information is still subject to disclosure under the Freedom of Information Act 2000 (for 
example it is less than thirty years old) then there should be agreement about what, if any, 
exemptions will be applied and who will be responsible for making the decision about whether 
disclosure will be made. 
 
Information about the criteria used to select information for historical preservation can be found in 
Specialist Guidance 12 below. 
 
9.2.3 
Permanent Preservation of Electronic Records
 
Increasingly, information is being created and managed in digital format. The Heritage Services 
Team is currently developing a policy to enable the service to preserve digital records. Currently, 
the team can only receive records in physical format. 
 
9.3 
Identifying Information for Disposal 
 
This section is designed to assist managers to identify information which needs to be disposed of 
and the appropriate methods of disposal.
 
Inappropriate disposal of information could lead to an information security breach. This could 
result in a fine from the Information Commissioners Office and serious reputational damage.
 
9.3.1 
Roles and Responsibilities 
 
It is the responsibility of individual managers to:
 
  ensure their Unit has a retention period assigned to each information group and that the 
retention periods are kept up to date10. 
 
  ensure that information is identified for disposal and disposed of on a routine basis using 
the methods outlined below. 
 
  to ensure that the employees who identify the information for disposal and who dispose of 
the information are properly authorised to do so and have the resources available to ensure 
that it is done using the methods outlined below.
 
Where records are stored at the Records Management Service, it is the responsibility of the 
Records Management Service team to identify the records which are due for disposal and to seek 
authorisation for disposal from the service unit. It is the responsibility of the service unit manager 
to ensure that the relevant authorisation is returned to the RMS on request. 
 
 
10 If any information is not included in the retention schedule, special arrangements should be made to review it and 
decide whether it can be destroyed or should be selected for permanent preservation. Decisions of this nature should 
be documented and kept to provide evidence of which information has been identified for destruction, when the 
decision was made, and the reasons for the decision, where this is not apparent from the overall retention schedule. 
33 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
9.3.2 
Managing Principal Copies and Duplicate Copies
 
The retention period, recorded in the retention schedule, relates only to the principal copy of the 
information. Where information is marked as a duplicate copy, it can be disposed of as soon as 
operational requirement has ceased. The duplicate copy must not be retained for longer than the 
principal copy. 
 
To prevent information security breaches all information must be disposed of using the methods 
outlined below for each “protective” marking category, regardless of whether it is a principal or a 
duplicate copy. The Information Commissioner will not differentiate between a principal and a 
duplicate copy if a serious information breach occurs.
 
9.4 
Requirements for the Disposal of Information – Physical 
 
This section lists the requirements for the disposal of information held in a physical format (e.g. 
paper or microfilm). This includes the disposal of information by any external storage provider.
 
For information about the protective marking scheme see 7.3.2 above.
 
9.4.1 
Information protectively marked “NOT PROTECTIVELY MARKED” 
 
Information which has the protective marking "NOT PROTECTIVELY MARKED" can be disposed 
of using the general recycling facilities provided in all office spaces.
 
If necessary papers can be torn up to provide added security. 
 
If service units are planning to dispose of a large amount of paper using this method then please 
contact the facilities management help desk for the relevant buildings to ensure that regular 
collections are made and that over-full bins do not present a health and safety hazard. It is 
possible that there will be a charge for this service.
 
9.4.2 
Information protectively marked "OFFICIAL"
 
Information with the protective marking "OFFICIAL" must either
 
  be disposed of in the locked secure waste bins. 
 
NOTE 
These bins are emptied periodically by a secure waste disposal company. In order to be 
effective these bins must be locked. The bins should not be filled to the point where paper 
records are coming out of the slot at the top. These bins must not be used if they are 
unlocked or over full. If you see anyone unlocking and emptying these bins please contact 
the facilities management helpdesk for your building copying in the Information Resilience 
and Transparency Team.
 
or 
 
  be shredded using a cross cut or diamond cut shredder. The shreds can be disposed of in the 
general recycling. 
 
If you are planning a big clear out of records then make sure that you have ordered enough bins to 
34 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
complete the job. You can request more bins from the facilities management help desk in the 
relevant building 
 
The facilities management companies will also arrange for the confidential disposal of large 
quantities of records, but please be aware that there will be a charge for this service. 
 
 
9.4.3 
Information with the protective marking "OFFICIAL - SENSITIVE" 
 
Where possible information with the protective marking "OFFICIAL - SENSITIVE" must be 
shredded using a cross cut or diamond cut shredder. The shreds can be disposed of in the 
general recycling or placed in a confidential waste bin. 
 
However, in areas where this is not possible the files can be placed in a confidential bin as above.
 
9.4.4 
Disposal of Information held in the Records Management Service 
 
The Records Management Service will arrange for disposal of information held by them on behalf 
of the service units. The process is summarised below, more details can be found in the RMS 
Standard Operating Procedures. 
 
  RMS team will identify information held in the RMS which is due for disposal. 
  The RMS team will contact the relevant service unit to get authorisation for the disposal of the 
information. 
  Once authorisation for disposal has been received, the RMS team will arrange for the 
information to be disposed of by the supplier.
  The RMS team will attach the certificate of destruction to the authorisation for disposal and this 
will constitute the disposal schedule 
 
9.5 
Disposal of Digital Records 
 
Digital records must be disposed of with care. It is possible to retrieve data that you think has been 
deleted from magnetic media using specialist software that is readily available. 
 
Obsolete ICT equipment must be returned to ICT for disposal so that it can be cleared and 
reformatted in line with ICT procedures. Requests can be logged via Supportworks ICT 
Self-Service on KNET. 
 
Remember, deleted documents remain stored in the Recycle Bin until it is emptied. This is to 
ensure that documents are not deleted by mistake. You must empty your recycle bin on a regular 
basis to ensure that the documents have been deleted from the network. 
 
Documents stored on KCC networks will be rapidly overwritten following deletion; however, 
portable storage devices, especially large capacity flash drives and external hard drives, retain 
deleted documents for much longer. 
 
Records can be deleted from flash drives and external hard drives using the standard document 
deletion process. Some external devices and external hard drives do have a recycle bin facility, if 
this is the case you must ensure that the recycle bin is emptied.
 
You should reformat the device periodically, especially if you have used the device for transporting 
35 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
information rather than storage, to ensure that any imprint the document has left on the device has 
been removed. 
 
Remember that all devices which are plugged into KCC devices must be encrypted. 
 
If you need to dispose of CDs or DVDs please log a call with ICT who will arrange for thse to be 
removed. If this is not a workable solution in your circumstances, please contact the IR&T team for 
further advice. 
 
9.6  Disposal schedules 
 
Details of destruction of information should be kept, either as part of the audit trail metadata or 
separately. Ideally, some evidence of destruction should be kept indefinitely because the previous 
existence of information may be relevant. However, the level of detail and for how long it should be 
kept will depend on an assessment of the costs and the risks to the organisation if detailed 
information cannot be produced on request. 
 
At the very least it should be possible to provide evidence that as part of routine records 
management processes destruction of a specified type of information of a specified age range 
took place in accordance with a specified provision of the disposal schedule. Evidence of this 
nature will enable KCC to explain why records specified in a court order cannot be provided or to 
defend itself against a charge under section 77 of the Act that information was destroyed in order 
to prevent their disclosure in response to a request for information. 
 
For a sample disposal schedule see http://knet/ourcouncil/Documents/Disposal Schedule.xlsx
 
 
 
 
36 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
CHECKLISTS 
 
Checklist 1: 
Records Capture Process 
 
The process below is designed to help you decide whether or not information should be 
captured into a formal filing system (either physical or electronic).
 
If you need further advice about this please contact the Records Manager. 
 
1.  Is the information a principal copy?
 
If the answer is YES please proceed to question 2
If the answer is NO please look at the information below.
 
If the information is not a principal copy it might be something that has been sent to 
you for information or copied to you, such an agenda, a meeting report or a brochure. 
Think about the steps below: 
 
  Can I read this document and dispose of it immediately
  Can I store this in my short term folder with a date by which I need to read it 
or dispose of it 
  Do I need to keep this information for reference purposes – e.g. do I need to 
keep the agenda until the meeting is over or is this something that I will 
need to refer to 
  In the case of published documents, do I need to store the original 
document or can I store a link to the document instead
 
2.  Is the information in physical format?
If the answer is NO please proceed to question 3
 
 
If the answer is YES please look at the information below
 
If the information is in physical format then it should be classified and collected into 
your service unit’s main filing system.
 
You may want to consider whether this information should be digitised so that it can 
be stored with other electronic records on the same subject.
 
3.  Is the information in digital format?
 
If the information is held in digital format you need to ensure that it is saved with the 
appropriate file name [see file naming conventions] and saved into the appropriate 
folder in your filing structure. 
 
If the information needs to be retained for longer than 7 years it must be saved in one 
of the internationally recognised file formats [see SG5.11]
 
4.  Has the information been received in an email?
 
If the information has been received in an email, then follow the procedures in 
Specialist Guidance 3 
 
37 | 
P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Checklist 2: 
Physical Storage Requirements 
 
2.1  Standard Requirements 
 
The buildings/rooms chosen for records storage should be entirely weatherproof.
It is not appropriate to store records in buildings such as barns, sheds or garages 
where water gets into the buildings. It is also not appropriate to store records in a 
room where the roof leaks into the room.
 
The buildings/rooms chosen for records storage should be in a location which is free 
from the threat of arson or other acts of vandalism.

It is not appropriate to use buildings which are located in areas which have a high 
crime or vandalism rate. Arson is a real threat to records stored in buildings in this 
kind of area. 
 
The buildings/rooms chosen for records storage should be secured against 
unauthorised access and should have the appropriate security measures in place.
 
The buildings/rooms chosen for records storage should have adequate fire detection 
apparatus. 

At a minimum this should include heat/smoke detection equipment. Fire is a real 
threat to paper storage areas as paper is combustible.
 
The buildings/rooms chosen for records storage should have a free circulation of air 
around the room. 

This will prevent the formation of mould in the room.
 
Records should not be stored on the floor in case of flood. 
Records should be stored at least 2" off the ground. Where possible records should 
be stored in cupboards, cabinets and drawers to protect from water or fire damage.
 
2.2  Requirements for storage used solely for records storage 
 
The buildings/rooms chosen for records storage should be used solely for records 
storage where possible. 

Records should not be stored in rooms which are used as “dumping grounds” for old 
equipment or other detritus (e.g. Christmas decorations). Cleaning materials, 
especially inflammable liquids, must not be stored in the same storage areas as 
records. 
 
The buildings/rooms chosen for records storage should be kept to a stable 
temperature of between 15oC and 27oC and a relative humidity of between 30% and 
60%. 

The temperature and relative humidity should be stable within these bands. Violent 
fluctuations of temperature can cause conditions which encourage the growth of 
mould. 
 
The buildings/rooms chosen for records storage should be free from insect or rodent 
infestation. 

Records should not be stored in rooms which have a systemic problem either with 
insect or rodent infestation. 
38 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
The buildings/rooms chosen for records storage should be checked regularly for 
degradation in environmental conditions and possible insect/rodent infestation. 

This may involve using technical equipment to record temperature and humidity but it 
may be as simple as a weekly inspection to ensure that there is no mould growth and 
that there is no evidence of insect/rodent infestation. The record rooms must be kept 
tidy and free from rubbish and boxes should not cause a trip hazard or block exits and 
entrances to the room. 
 
Records stored in these buildings/rooms should be boxed and listed in a way that will 
allow easy retrieval when it is required.

Boxes provide a measure of protection from all the environmental hazards identified 
above (i.e. fire, flood, insect/rodent damage) and also offer a first line barrier against 
unauthorised access to the records. If the records are not listed in a way which means 
that they can be located and retrieved easily then there is little point in storing the 
records in the first place. The records storage area will rapidly become a dumping 
ground for records which are not being managed properly. It is strongly recommended 
that employees do not put a list of the contents of the box on the box label, especially 
if the records contain personal information. A box reference number should be 
sufficient but if necessary a brief description of the record series can be included on 
the outside of the box. 
 
Boxes stored in the record room should be placed on shelves where possible. 
Shelves allow for easy access to the boxes and ensure that the area is managed in a 
systematic way. The bottom shelf should always be at least 2” from the ground (this is 
a basic precautionary measure to limit water damage if an area is flooded). If shelving 
is not used then boxes of records must be stored on pallets. The top of the pallet must 
be raised at least 2” from the ground (this is a basic precautionary measure to limit 
water damage if an area is flooded). If the pallet has more than 6 layers of boxes then 
the pallet should be shrink wrapped.
 
 
 
39 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Checklist 3: 
Inspection of Physical Storage Areas 
 
 
Question 
Yes  No  Notes/Comments

Is the area used to stored records used solely for records storage?
Yes  No   
 
If No, please indicate in the Notes/Comments box what other items 
 
 
 
are stored in the area

Is the records storage area completely weatherproof?
Yes  No   
 
If No please note the reasons why the building is not weatherproof 
 
 
 
in the Notes/Comments box 

Is the records storage area in an area which is free from the threat 
Yes  No   
of arson and/or other acts of vandalism?
 
If No please note the threats identified in the Notes/Comments box
 
 

Does the records storage area have adequate fire detection 
Yes  No   
apparatus? 
 
If No please indicate why not in the Notes/Comments box
 
 

Is the records storage area secured against unauthorised access 
Yes  No   
with the appropriate security measures in place?
 
If No please indicate why not in the Notes/Comments box
 
 

Is the records storage area kept at a constant temperature?
Yes  No   
 
If No please indicate why not in the Notes/Comments box
 
 

Does the air circulate freely around the records storage area?
Yes  No   
 
If No or you are unsure about what constitutes good air circulation then please contact the Records 
Manager 
 

Is the records storage area free from rodent or insect infestation?
Yes  No   
 
If No, please indicate what kind of infestation is apparent and what measures are being taken to 
deal with the issue 

Is the records storage area checked regularly to ensure that the 
Yes  No   
environmental conditions are stable and that there is no insect or 
rodent infestation? 
 
If No please indicate why not in the Notes/Comments box
 
 
10 
Are the records in the records storage area stored in boxes and the 
Yes  No   
contents identified? 
 
If NO, please proceed to question 10.1
 
 
10.1  Are the records stored in hanging files?
Yes  No   
 
If NO, please proceed to question 10.2
 
 
10.2  Are the records loose on the shelves?
Yes  No   
11 
Is there a mechanism to show whether records have been removed  Yes  No   
from the room? 
12 
Are the records stored on shelves? 
Yes  No   
 
If Yes, is the bottom shelf raised more than 5cm from the floor
Yes  No   
 
If No, please proceed to question 13
 
 
13 
Are records which are not placed on shelves in the storage area 
Yes  No   
stored at least 5cm off the ground? 
 
If No please indicate what proportion of records are stored on the 
 
 
 
floor 
 
 
 
40 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Checklist 4: 
Mandatory Training Requirements 
 
If the post involves one or more of the criteria outlined below, then the postholder must complete 
the Introduction to Records Management e-learning module. This must be included in the 
induction programme for new members of staff or in the mandatory training section on the TCP 
form. 
 
Please note that the term record is used here to cover all documents. 
 
Does the post involve: 
 
  Responsibility for information assets as an information asset owner or an information asset 
administrator 
  Supervision of staff who create and/or manage records 
  Creating records in either physical or digital format 
  Filing records in either physical or digital format 
  Maintaining file storage areas 
  Transporting files between sites 
  Preparing records for upload to the Records Management Service 
  Arranging for the disposal of records 
 Dealing with Freedom of Information requests, Data Subject Access Requests or other 
  access to information requests 
  Dealing with sensitive personal, political or commercial information 
  Storing KCC information at home (i.e. home based workers) 
  Employment in the Records Management Service 
 
When the form which can be downloaded from KNET has been completed, an electronic copy 
should be sent to the Records Manager. 
 
 
 
41 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Checklist 5: 
Information Risk Assessment Template 
 
Introduction 
 
A risk assessment should be completed each time members of staff wish to take files from their 
usual work space.  
 
This risk assessment should be used in conjunction with the document “How to Transport 
Information Securely” and section 11.3 of the Information Management Manual. 
 
Managers should retain a copy of the risk assessment until the documents have been returned to 
the work place. If there is an information security breach then this document will be used as part of 
the evidence.  
 
If you need any further advice about how to complete the risk assessment then please contact a 
member of the Information Resilience and Transparency Team: 
xxxxxxxxxxxxxxxxxxxxx@xxxx.xxx.xx 
 
The risk assessment takes the form of a series of questions and answers and includes actions 
which must be taken before records are transported. 
 
Name of member of staff: 
 
Name of line manager: 
 
Brief description of records to be transported including file references: 
 
 
 
Reason for transporting the records:
 
 
 
As line manager you ensure that you are aware of what the consequences would be if there was 
unauthorised access to the records described above. You must consider whether the damage 
which would be done by an unauthorised breach means that the records should not leave the 
workspace. 
 
The guidance states that “the best way of preventing the theft of confidential documents is to avoid 
having to transport them where there is no absolute need.” 
 
 
 
42 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Risk Assessment 
 
Question 
Answer 
1  Can access to the information be 
Yes 
No 
provided in any other way approved 
Arrange for access to  Proceed to question 2 
by KCC 
the information via 
this route 
2  Does the information contain personal  Yes 
No 
or personal sensitive information 
Proceed to question 4 Proceed to question 3 
3  Does the information contain 
Yes 
No 
commercially or politically sensitive 
Proceed to question 4 Permission may be given to 
information 
transport these records11 
4  Has the member of staff been 
Yes 
No 
provided with a sealed container12 
Proceed to question 5 Records must not be 
transported unless a sealed 
container is provided 
5  Has the member of staff read and 
Yes 
No 
understood the guidelines for 
Proceed to question 6 Records must not be 
transporting information securely 
transported until the 
guidelines have been read 
6  Has the member of staff completed 
Yes 
No 
the mandatory Information 
Proceed to question 7 Records must not be 
Governance and Data Protection 
transported until the training 
training 
has been completed 
7  Does the member of staff understand  Yes 
No 
what to do in the event of information 
Proceed to question 8 Records must not be 
security breach 
transported until member of 
staff is familiar with the 
process 
 
Remind the member of staff that they must leave a tracker card in the place where they take the 
records from and return the records to the main filing system immediately on their return to the 
work space. 
 
Records approved for transport 
 
Signed: 
 
 
 
 
 
 
 
 
 
 
Date: 
 
 
 
 
11 The line manager must ensure that suitable processes are in place to prevent the loss of or damage to the 
information in line with the business continuity plan 
12 This could be a locked box or a lockable briefcase. 
43 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
DETAILED DEFINITIONS 
 
Clear Desk Policy 
 
A Clear Desk Policy only relates to information. It does not mean that all stationery and so on has 
to be cleared away. All information which has been allocated the protection marking "OFFICIAL" 
or "OFFICIAL - SENSITIVE" should be cleared off an individual's desk at the end of the working 
day (and if the desk is left unattended for long periods of time) and placed in the lockable storage 
which has been provided. 
 
This includes all filing trays, in trays and other desk furniture which might include this kind of 
information. 
 
The storage must be locked every night or when the office space is unoccupied and the keys 
secured in a key press. Keys must not be left in the locks overnight or when the office space is 
unoccupied.  
 
Empty Desk Policy 
 
Empty desk policy refers specifically to those members of staff who are working in the New Ways 
of Working workspaces. 
 
All members of staff, whether or not they have a fixed desk, must ensure that their desk is clear at 
the end of each working day. This means that desks will be available for use each day.
 
This means that nothing must be left on the surface of the desk. All personal items should be 
stored in your locker and working records should be returned to storage at the end of the day.
 
Lockable Storage 
 
Lockable storage must have solid sides, for example, a metal cupboard and must have a lock with 
a key or keypad. 
 
 
 
44 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
SPECIALIST GUIDANCE 
 
Specialist Guidance 1:  Specification for External Storage Provider 
 
SG1  Premises and Staff 
 
 
SG1.1  The premises must have security suitable for storing records bearing the classification, 
“NOT PROTECTIVELY MARKED”, “OFFICIAL” and “OFFICIAL – SENSITIVE” 
 
  The premises must have a method of preventing and/or detecting unauthorised 
access to the site which is connected to either a security firm or the Police.
 
 
SG1.2  The premises must not be situated on a flood plain or in an area where subsidence or 
other environmental issues are likely to occur. The site should not be close to rivers or 
any other bodies of water liable to flood.
 
 
 
The supplier should have flood protection measures in place.
 
 
SG1.3  The supplier must have a business continuity plan for each of the premises where KCC 
records are likely to be stored and must be insured for salvage of records which have 
been damaged. 
 
 
SG1.4  The premises must be protected by VESDA13 or equivalent fire detection equipment and 
there should be adequate provision to ensure that fire cannot spread between different 
components of the building. 
 
 
SG1.5  The premises must have a method of preventing and/or detecting unauthorised access to 
the storage areas where KCC records are to be stored. The supplier must evidence that 
they have a process in place for dealing with incidents of unauthorised access to the 
storage area. 
 
 
SG1.6  Members of staff must have been subject to appropriate pre-employment security checks. 
The supplier must evidence that there are processes in place to deal effectively with 
incidents involving unauthorised access to records including liaison with KCC where the 
unauthorised access may involve notification to the Information Commissioner’s Office.
 
 
SG2  Storage 
 

 
SG2.1  The supplier must be able to evidence that there are suitable temperature and humidity 
controls in the storage area. 
 
 
 
The supplier must be able to evidence that appropriate vermin and pest control systems 
are in place in the storage areas.
 
 
SG2.2  The supplier must supply unique identifying numbers in the form of barcodes so that each 
individual box/file can be tracked individually.
 
 
SG2.3  If the supplier operates storage facilities across multiple sites, KCC must agree which 
sites are used to store KCC boxes. KCC must be consulted about the relocation of any 
boxes belonging to KCC before any relocation takes place.
 
13 Very Early Smoke Detection Apparatus 
45 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
 
SG2.4  The supplier must have a tracker system in place that maintains continuity of custody from 
when the boxes leave KCC premises until they are received by the storage facility. 
 
  All boxes must be barcoded before uplift and recorded on KCC’s system;
 
  The boxes must be scanned onto the vehicle and a receipt given to KCC before the 
vehicle leaves KCC premises;
 
  The supplier must have a system of tracking vehicles whilst they are on the road 
and be able evidence that this is used as standard practice for all journeys and 
show that the records loaded on the vehicles will be secure in the event of an 
accident to or theft of the vehicle.
 
  The boxes must be scanned on receipt at the storage facility and a receipt must be 
sent to KCC for comparison.
 
  The supplier must evidence that there is a process in place for dealing with any 
boxes which appear to have been mislaid in transit that ensures that any incident is 
dealt with in a timely manner.
 
 
SG2.5  The supplier must be able to locate any box in storage belonging to KCC at any time 
during the contract.
 
 
 
The supplier must be able to evidence that there is a process in place for dealing with any 
incidents relating to records which have been misplaced.
 
 
SG2.6  The supplier should provide the facility for storage of physical records which do not fit in 
standard boxes, for example map rolls, blueprints or plans.
 
 
SG3  Retrieval of Boxes 
 

 
SG3.1  The supplier must allow the orders for retrieval of records to be received by phone, email 
and via a secure online system.
 
 
SG3.2  The supplier must have a process in place to prevent unauthorised requests for records. 
 
 
 
The supplier must evidence that there are processes in place to deal effectively with 
incidents involving unauthorised access to records including liaison with KCC where the 
unauthorised access may involve notification to the Information Commissioner’s Office.
 
 
SG3.3  The supplier must be able to provide a next day service for delivery of records (with an 
agreed cut off time for orders to be placed) as standard business as usual. 
 
 
 
The supplier should be able to provide a same day delivery of records if required in 
exceptional circumstances. 
 
 
 
The supplier must allow for the collection of records from the facility by an authorised 
member of staff if appropriate. 
 
 
SG3.4  The supplier must have a tracking system that maintains the chain of custody from when 
the box leaves the storage facility until it is received by KCC and a similar tracking system 
that maintains the chain of custody from when the box leaves the Records Management 
Service until it is received by the storage facility. 
 
 
SG3.5  The supplier must have a process so that boxes which have been retrieved from the 
46 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
storage facility can be returned.
 
 
SG3.6  The supplier must have a process to enable the permanent withdrawal of records (which 
may include transfer to another supplier)
 
 
SG3.7  The supplier must be able to facilitate access to boxes on their premises by members of 
KCC staff (which will include auditors).
 
 
SG4  Disposal of Records 
 

 
SG4.1  The supplier must have a mechanism by which the destruction of records can be 
requested by an authorised person.
 
 
 
The supplier must have a process in place to prevent unauthorised requests for 
destruction of records. 
 
 
SG4.2  The supplier must provide a secure disposal service for records which are marked “NOT 
PROTECTIVELY MARKED” and “OFFICIAL”.
 
 
 
The disposal service can be provided in house or by a third party contractor. The 
company carrying out the disposal must meet the standards outlined in BS EN 1571SG3.
 
 
SG4.3  The supplier must provide a certificate of destruction for records which have been 
disposed of. The certificate of destruction must contain:
 
  The barcode numbers relating to the boxes/files which have been disposed of
 
  The date the destruction occurred 
 
  The name of the company which carried out the disposal
 
 
SG4.4  The supplier must be able to show that where possible all paper waste is recycled.
 
 
 
Specialist Guidance 2:  Managing Shared Storage 
 
We are taking a new flexible approach to the way we work across the authority, making better use 
of our office accommodation, technology and shared resources. Whilst consideration will be given 
to information and file-storage requirements when designing shared work-spaces, individual 
service units may not have individual storage units which have been allocated solely for their use.
 
The storage available for use will vary from building to building depending on the building design. 
It is likely to include roller racking, cupboards and cabinets. All storage will be lockable. The 
storage will meet the requirements for physical storage outlined in Checklist 2 above. 
 
This section is designed to provide guidance to teams, sharing physical storage, who manage 
OFFICIAL or OFFICIAL – SENSITIVE information. 
 
SG2.1 
Allocation of Storage 
 
Prior to moving a service or team to a new location, the Project Manager must inform the Records 
Manager, who will assess storage needs. Where appropriate this will include a confidentiality 
survey and information risk assessment to identify any protection measures that need to be in 
place to prevent unauthorised access by employees, contractors or members of the public.
47 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
The Records Manager will make recommendations to the Project Manager about the type and 
quantity of storage required. This may include recommended working practices such as zoned 
areas and designated walkways see SG6.3
 
The Project Manager will consider the recommendations and consult the appropriate Service 
Managers prior to allocating storage within the work space.
 
Wherever possible, teams will be provided with storage for their sole use, however the following 
exceptions may apply: 
 
  Managers who hold sensitive personal information may be asked to share storage with 
other managers who hold similarly sensitive information.
 
  Teams who require limited storage may need to share cupboards. 
 
  Teams with large volumes of client records may need to share roller- racking14. 
 
Following a move to a new work space, the Records Manager will review storage arrangements to 
ensure they are satisfactory and identify any remedial actions
 
SG2.2 
Managing Shared Storage 
 
Wherever practical, storage will only be shared where teams manage similar types of information. 
For example, roller racking may be shared between Specialist Children’s Services teams working 
with similar clients.  
 
SG2.3 
Developing Local Procedures 
 
Once shared storage has been allocated, teams should agree local procedures and managers 
must ensure they are followed by staff. 
 
When developing local procedures, teams should consider the following points: 
 
  What would the consequences be if there was unauthorised access to the records?
  What is the likelihood of unauthorised access occurring?
  What measures are in place to prevent unauthorised access by members of the public, 
contractors or other members of staff?
 
Employees are bound by KCC terms and conditions of service to maintain confidentiality about 
individuals with whom they come into contact. This also applies to records which individuals may 
have access to during the course of their work.
 
SG2.4 
Dealing With Unauthorised Access 
 
Managers are responsible for ensuring that their staff are informed of any local procedures or 
restrictions and must take appropriate action where employees access the records of another 
 
14 Where possible roller racking will be allocated for the use of one team, however, where large amounts of storage 
are required in a working area then the roller racking may need to be allocated to two or more teams. Teams required 
to share storage will be managing information of similar sensitivity. 
48 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
team without authorisation.
 
If an employee accesses another unit’s records by accident15, then they must inform their line 
manager immediately. 
 
Where possible the shared storage should be "zoned" so that each individual service unit has an 
area which is allocated to their records. This will minimise the risk of accidental access to records
 
Local posters and notices should be provided to remind employees that they must not access 
other teams’ files and records without the appropriate authorisation.
 
SG2.5 
Managing Lockable Storage 
 
Key-holding arrangements must be in place to ensure that records and files are available when 
needed. This is especially important for shared-storage arrangements. Keys should be kept in a 
secure place in the office (preferably in a key cabinet) so they can be accessed. 
 
There are two methods of ensuring that your storage area is locked when the office is unattended.
 
Either: 
 
The storage area is kept locked at all times and staff unlock it when they need access and return 
the key when finished. 
 
Or 
 
Arrangements are put in place to unlock the storage during working hours (e.g. 8am to 6pm); 
including ensuring it is locked when the office is unattended during working hours.  
 
Specialist Guidance 3:  Managing Email 
 
Electronic mail (email) is the most common method used for the transfer of information and 
communication between colleagues. 
 
There is a common misconception that email is an information group in its own right. The 
information group relates to the information which the email contains (whether it is in the body of 
the text or in an attachment).  
 
The retention period attaches to the information contained inside the email not to the email itself 
which is why there is no retention period relating to email in the retention schedule, in the same 
way that there is not a retention period relating to faxes or to envelopes.
 
A simple ten step guide to managing email can be found below.
 
SG3.1 
Email Received by KCC from outside the organisation 
 
Email received from outside the organisation should be treated in the way that all correspondence 
is dealt with within the organisation. This will differ from one service unit to another depending on 
 
15 For example, when cupboards look alike and are in close proximity to the service unit’s own records or where 
shelves are adjacent in roller racking. 
49 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
whether the email is part of a statutory process (for example, a complaint or an insurance claim).
 
SG3.2 
Allocating Principal Record Keeper to Emails 
 
Email which is created between colleagues within the organisation or with members of the public 
or partner organisations will usually result in an email string which constitutes the record of the 
discussion or the transaction. 
 
If a principal record keeper is not assigned to the email string the likelihood is that all the recipients 
will retain the copy of the email string which makes identifying the most recent version more 
difficult and can lead to the need to disclose multiple strings of emails under the Freedom of 
Information Act 2000. 
 
Each email string which constitutes a principal record should be allocated a principal record 
keeper who will be responsible for ensuring that one copy of the email string is retained as the 
record of the conversation and that all unnecessary duplication is removed. All discussion which 
does not directly relate to the final outcome should be removed. Where there are several strings to 
the same email (i.e. two people replied to the email simultaneously) then each string should be 
treated as an individual record. 
 
If the email has been requested under the Freedom of Information Act 2000 or the General Data 
Protection Regulations 2016 and the Data Protection Act 2018 before the alterations have been 
made then the email must be left intact for disclosure purposes.
 
Once the principal record keeper has been identified it is essential that all other copies of the email 
string are disposed of. This will facilitate more effective use of the email storage system and 
facilitate disclosure of email strings when appropriate under the Freedom of Information Act 2000.
 
SG3.3 
Managing Attachments 
 
Some email is used simply for transferring documents electronically. The email system is not the 
most appropriate place to store document attachments. 
 
Where the body of the email contains information which is relevant to the attachment or puts the 
attachment in context then the whole email should be saved in the way described below.
 
Where the body of the email does not contain any relevant information then the attachment should 
be saved into the relevant electronic file and the email deleted.
 
The email system must not be used for document storage as gaining access to an individual’s 
email system to find documents in the person’s absence is time consuming and difficult.
 
SG3.4 
Email Storage 
 
MSOutlook should not be treated as a storage area for email strings. There are a number of 
reasons for this: 
  Email storage is proportionately more expensive than standard server storage; therefore, 
there is a cost benefit to the organisation by ensuring that only current email is stored in 
MSOutlook. 
 
  Access to an individual’s email system when they are not present in the office is very 
50 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
difficult and can hamper access to important documents which may be needed urgently.
 
  It is more difficult to apply retention periods to the email when it is stored in MSOutlook 
unless the email has been consistently named throughout the conversation. 
 
  When an individual leaves the organisation their email account is automatically deleted 
after 3 months, this may lead to the disposal of email which contains important information.
 
The principal record keeper for the email string (see 9.2 above) should ensure that the email string 
is transferred to the appropriate electronic folders in .msg format. At this stage it may be 
appropriate to rename the email in the subject heading (copying the email to the electronic file will 
cause the system to rename the emails if they have the same heading). When opened any .msg 
format email will open into MSOutlook and behave exactly as though it was stored in MSOutlook.
 
This needs to be done by using the copy and paste facility and then deleting the email from the 
box. ICT can supply further details about how to copy and manage email electronically.
 
Email can be transferred in .html, .rtf or .txt format using the “save as” facility. This is not advised 
as metadata hidden in the .msg format is lost16. This format will also not support the attachment 
(i.e. the attachment will be lost).  
 
Email can also be printed to or saved as pdf format. This is not advised for the same reasons 
relating to metadata outlined above unless the information in the email is being treated in the 
same way as physical correspondence would be.
 
Email can also be printed on to paper. This is not advised for the same metadata reasons above 
unless the information in the email is being treated in the same way as physical correspondence 
would be or unless the service unit is managing a predominantly paper based system (see 7.2.4).
 
SG3.5 
Email Subject Headings 
 
The email subject heading can be used to generate automated rules in email. For example, 
sending all the emails with a particular subject heading to the same folder in MSOutlook or 
sending a particular automated response to a sender.
 
Consistency in email subject headings also means that email can be easily grouped when it is 
required for disclosure. 
 
Where possible email subject headings should contain a file reference or project number so that 
an email can be easily connected to other files relating to the project or work flow. There is always 
a danger than emails can be overlooked when preparing a project file or subject file for archiving 
or when disclosure is required under Freedom of Information.
 
Where possible, personal information such as the names of clients and their dates of birth should 
not be included in the subject heading of any email. Initials or case numbers should be used in 
preference. 
 
 
 
 
16 This can cause an issue in proving legal admissibility should the email be required in a future legal case. 
51 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
SG3.6 
Assigning a Protective Marking Category to an Email 
 
The Government Connects Code of Connection (CoCo) strongly recommends that local 
authorities add a protective marking category to email (although this is not currently mandated).
 
The protective marking scheme is explained at 7.3.2 in this manual. Protective marking is 
assigned using a combination of the kind of information contained in an email together with the 
possible consequences of any unauthorised disclosure of the email.
 
Although information sets have been allocated an indicative protective marking category by the 
Records Manager it will be up to individual employees to assign the protective marking category to 
an email.  
 
52 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Ten Tips to Help Manage Email 
Is your 
email really 
Manage your 
necessary?
Use 
email, don't 
address 
let it manage 
lists 
you
carefully
ONE
Do not use 
the email 
Send the 
system as a 
link
file store
Ten Tips to 
Managing 
Email
Assign an 
Think before 
owner to 
sending 
email 
personal 
SIX
information
strings
Email is 
Use the 
disclosable
subject line
Think 
before 
forwarding 
emails
 
Tip 1  Is your email really necessary? 
 
Ask the question, “does this transaction need to be done by email?” It may be more appropriate to use 
the telephone or to speak face to face. 
 
Tip 2  Use address lists carefully 
 
Ensure that you have addressed the email to the correct person and avoid the use of address list 
groups. Also bear in mind that if all the addresses are visible that this could constitute a breach under 
the General Data Protection Regulations 2016. 
 
53 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Check your address groups regularly to ensure that only the correct recipients are a part of the group.
 
Tip 3  Send the link 
 
Email has been used traditionally for transporting information electronically. This can lead to large files 
being sent to a big group of people which then clogs up the email system. If possible put documents in 
a central place and send the link to individuals rather than the document itself. 
 
Tip 4  Think before sending personal/confidential information via email 
 
Email which is sent via the web can be routed via a number of different ISPs, which may be hosted in 
a number of different countries. Even on the secure internal email system, email can be mis-sent.  
 
You need to think about information security issues when you decide to send confidential information 
by email. The consequences of an email containing sensitive information being sent to an 
unauthorised person could be a fine from the information commissioner. Other information, if mis-sent, 
could end up on the front page of a newspaper. 
 
Where possible personal information should not be transported using the email system unless the 
sender and the recipient both have secure email accounts or are using encryption techniques.
 
If there is no other alternative the following criteria should be observed. 
  Do not include information that will identify the individual in the subject line (for example, name, 
date of birth, UPN or other identifier).
  Do not include personal information in the body of the email. 
  Make sure that the personal information is contained in a separate document which should be 
password protected where appropriate and attached to the email.
  Make sure that you send the password in a separate email or telephone the recipient to give 
them the password. 
  Include some text in the body of the email informing recipients what they should do if they have 
received the email in error. 
 
Tip 5  Use the subject line 
 
Having a clearly defined subject line assists the recipient to sort the email on receipt. A clear subject 
line also assists in filing all emails relating to individual projects together. For example, the subject line 
might be the name of the policy, or the file reference number.
 
Tip 6   Think before forwarding emails 
 
Before forwarding emails onto other employees, make sure that you have the permission of the sender 
to forward the information. The information may be copyright to someone other than KCC or the 
intellectual property rights may belong to someone else.  
 
Tip 7  Email is disclosable and can form part of a legal process
 
As email is used for all types of correspondence there is the danger that people phrase emails more 
informally than they would other documents such as memos. All email is disclosable under Freedom of 
Information and Data Protection legislation.
 
There is a tendency to phrase email in a more informal way than standard correspondence. This can 
cause issues where the email becomes disclosable under the General Data Protection Regulations 
2016or the Freedom of Information Act 2000. Information within an email cannot be redacted simply 
54 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
because it will cause embarrassment to the organisation when it is disclosed. 
 
Agreements entered into by email do form a contract. Employees need to be aware of this if they enter 
into an agreement with anyone, especially external contractors. Individual employees should not enter 
into agreements either with other members of KCC or with external contractors unless they are 
authorised to do so. 
 
The courts have held that agreements, however informally expressed in email are still legally binding 
and may be treated in the same way as a more formal contract. Therefore, email should be phrased in 
the same way that a more formal method of communication would be.
 
Tip 8  Assign an owner to email strings 
 
Each email string which constitutes a principal record should be allocated a principal record keeper 
who will be responsible for ensuring that one copy of the email string is retained as the record of the 
conversation and that all unnecessary duplication is removed. All discussion which does not directly 
relate to the final outcome should be removed. Where there are several strings to the same email (i.e. 
two people replied to the email simultaneously) then each string should be treated as an individual 
record. (see 7.1.2) 
 
Tip 9  Do not use the email system as a file store
 
The email system is intended to be a vehicle for transporting information. The email system should not 
be used as a storage system. 
 
Email should be transferred to the appropriate electronic folder in .msg format. However, other options 
include transfer in .html, .rtf or .txt format using the “save as” facility. This is not advised as metadata 
hidden in the .msg format is lost17. This format will also not support the attachment (i.e. the attachment 
will be lost). 
 
Alternatively, email can also be printed to or saved as pdf format. This is not advised for the same 
metadata reasons above unless the information in the email is being treated in the same way as 
physical correspondence would be or unless the service unit is managing a predominantly paper 
based system. 
 
Tip 10  Manage your email, don't let it manage you
 
Remember that although email may be important, it is not always urgent. Email may not always require 
an instant response. There are workflow techniques which are available to assist you manage the 
email. 
 
 

 
 
17 This can cause an issue in proving legal admissibility should the email be required in a future legal case. 
55 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Specialist Guidance 4:  Removing Physical Records from KCC Premises18 
 
There will be occasions when employees need to remove physical records19 from KCC 
premises20. This guidance should be followed whenever records containing personal or 
confidential information are removed from premises where they are stored. 
 
SG4.1 
General Principles 
 
Only take the records you need and return them as soon as possible. If possible return them the 
same day21. If this is not possible then employees must follow the requirements in Specialist 
Guidance 7. 
 
Where possible look at other alternatives to removing original records. Managers should ensure 
that a risk assessment has been completed when records marked OFFICIAL- SENSITIVE need to 
be removed from the premises. See 8.2.4
 
SG4.2 
Transporting Records 
 
All physical records should be transported in line with KCC’s procedures22. The aim is to minimise 
the risk of loss or destruction, including ensuring vehicles are secure when unattended.
 
SG4.3 
Returning Records to the Work Area 
 
Wherever possible return physical records to their normal storage before the end of the working 
day. Where this is not possible physical records must be locked in suitable storage until they can 
be returned to normal storage. 
 
Do not hold on to documents files and records longer than you need to, and try to ensure they are 
returned promptly to their storage. If possible all records should be replaced in their normal 
storage at the end of the working week. 
 
SG4.4 
Overnight Storage 
 
If employees need to store records at home overnight on a regular basis then the manager needs 
to implement the requirements laid out in Specialist Guidance 7.
 
SG4.5 
Missing Records 
 
In the event a care file cannot be found, the appropriate directorate guidance relating to dealing 
with missing files should be followed. 
 
 
18 This section was originally published at NWoW Guidance Note 3: Removing documents, files and records from KCC 
premises 
19 The term record is used to cover files and individual documents and refers, in this instance, to both principal copies 
and duplicates. The term physical includes paper and microform formats. 
20 This may include times when members of staff are unable to return records to KCC premises for a number of days. 
21 Managers should consider implementing procedures to limit the number of files which an individual can remove 
from the office or store at home. 
22 For more detailed information see the Guidance on Transporting Information Securely 
http://knet/ourcouncil/Documents/Transporting personal and/or sensitive information.pdf 
56 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
SG4.6 
Management Responsibilities 
 
Line managers are responsible for ensuring that employees and contractors who work from home 
or other non-KCC premises and who handle personal or confidential information are appropriately 
supported. This includes: 
a)  Access to guidance and training where appropriate;
b)  Procedures designed to protect information to meet KCC requirements and minimise health 
and safety risks including; 
  implementing effective systems for tracking and monitoring physical records which have 
been removed from KCC premises to ensure that records are accessible when they are 
required23; 
  minimising the risk of loss and/or breach of confidentiality during the movement and 
storage of physical records; 
  ensuring that information security incidents are reported promptly and investigated; 
c)  Allocation of appropriate equipment (e.g. lockable storage) and other resources.
 
SG4.7 
Protecting information in transit 
 
When there is a need to transport KCC documents, which are of a confidential nature i.e. personal 
to clients, or commercially sensitive, it is important to ensure precautions are taken to reduce the 
possibility of these being lost or stolen. 
 
The General Data Protection Regulations 2016 and the Data Protection Act 2018 require that all 
personal data must be kept safe and secure, ensuring that information cannot be accessed by 
unauthorised persons. Other data which may be politically or commercially sensitive must also be 
kept safe and secure.  
 
You must take all reasonable steps to ensure security is maintained when transporting KCC 
documents between work and home or between workbases. 
 
Transporting Physical Information 
 
The best guard against theft of confidential documents is to aim to avoid having to transport them 
where there is no absolute need. Therefore, you need to assess the risk of transporting 
information. See 8.2.4 
 
If there is a genuine need to transport information then you must follow the guidelines below:
 
  Avoid transporting complete files. Separate into smaller bundles if possible and transport 
only relevant documents and do not advertise that you are or will be taking home or 
transporting items of a confidential nature.
 
  The documents must be transported in a locked briefcase or sealed bag. If you transport 
confidential information on a regular basis you should consider a lockable filing box which 
can be stored in the boot of a car. As well ensuring that the documents do not get lost, you 
should ensure that the bag is waterproof so that documents are protected from water 
damage. 
 
23 This is especially important where members of staff may have to provide information to answer requests for 
information under the Freedom of Information Act 2000, the Environmental Information Regulations 1992 and data 
subject access requests (General Data Protection Regulations 2016) 
57 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
  Aim to take confidential documents directly home so that you reduce the risk of documents 
being lost or stolen en route. Paperwork and other valuables should not be kept where they 
are visible and might encourage opportunist grab crimes
 
  Documents transported in vehicles should be kept hidden away in a locked boot wherever 
possible or otherwise kept out of sight and documents should not be left unattended even in 
locked vehicles especially overnight.
 
  If you can, take confidential documents with you when you leave your vehicle. You need to 
weigh the risk of leaving them anywhere you may have taken them. 
 
  Aim to park in busy, well-lit areas or where there is CCTV coverage to discourage thieves 
and if leaving your vehicle even for ‘a second’, whilst paying for petrol, using a cash point or 
just popping into a newsagents, ensure your vehicle is secure and that doors, windows, the 
boot and sunroof are all locked. 
 
If you need to send information which has been allocated the protective marking category 
"OFFICIAL" or "OFFICIAL - SENSITIVE" by post, this must be done by special delivery requiring 
the signature of the recipient to say that it has been sent.
 
There should be processes in place to ensure that envelopes are correctly addressed and that the 
right information is placed in the envelope.
 
Transporting Electronic Information 
 
Electronic information should only be transported using KCC secure methods of transmission. You 
need to follow the guidelines below: 
 
  Where possible you should only send information to authorised email accounts. For 
example, to another member of staff within KCC or to partners outside the organisation 
using their "official" email address.
 
  You should not email information to third parties using "Hotmail", "Gmail" or other free email 
services unless you are sure that the address you have is correct and have assessed the 
risk of what the consequences will be if the information is received by someone other than 
the intended recipient. If the information contains sensitive personal information it should be 
posted. 
 
  information marked "OFFICIAL" must not be contained in the main body of the email, but 
placed in an attachment. It is possible to password protect documents and this should be 
done where possible and the password communicated to the recipient under separate 
cover. 
 
  You must not email information to your home email address. If you wish to access files 
whilst working from home and you do not have A2K or similar access then you should email 
files to yourself using your kent.gov.uk address and access the email via Outlook Web 
Access. You should not save a copy of the document to your home computer especially if it 
has been assigned an "OFFICIAL" marking as this will leave a trace on your home 
computer which could be recovered from the hard drive, even if you think you have 
disposed of it. 
58 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
  Electronic information should not be transported on a data stick or external hard drive 
unless it is absolutely necessary. For example, it may be that you wish to transport a 
presentation on the data stick which is acceptable. Where there is no alternative, 
information marked as "OFFICIAL" must be encrypted.
 
Aide Memoire for Transporting Personal Information 
 
 
 
Only take information off 
the site unless absolutely 
necessary
Make sure that your line 
Return the information as 
manager has approved 
soon as possible 
and done a risk 
assessment
Put a tracker in the system 
Do not leave information 
to show that you have 
in a vehicle overnight
taken the file
Information should be 
transported in a sealed 
container and kept out of 
sight
 
 
 
 
 
 
59 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Specialist Guidance 5:  Digital Continuity 
 
This specialist guidance should be used in conjunction with section 8.5.3.  
 
SG5.1 
The Purpose of Digital Continuity Statements 
 
A Digital Continuity Statement will not need to be applied to all the records created by individual 
service units. The retention schedule indicates which records need to be kept for longer than 7 
years. 
 
You need to identify records which need to be included in a Digital Continuity Statement as early 
as possible in the lifecycle. As maintaining digital continuity is resource intensive it is equally 
important that you identify records which should not be included in a Digital Continuity Statement. 
Digital Continuity Statements should only be applied to principal copy records. 
 
The creation of workflow and business process diagrams will assist with this process. A note will 
be made in the Information Asset Register as to whether an individual information asset will be 
subject to the Digital Continuity Statement.
 
SG5.2 
Exemplar Digital Continuity Statement 
 
Each Digital Continuity Statement should include the following information: 
 
  Statement of business purpose and statutory requirements for keeping records - The 
statement should contain a description of the business purpose for the information assets 
and any statutory requirements including the retention period for the records. This should 
also include a brief description of the consequences of any loss of data24.
 
 
  Names of the people/functions responsible for digital continuity - The statement 
should name the post-holder who holds responsibility for digital continuity and the post 
holder responsible for the information assets. The statement should be updated whenever 
there is a restructure which changes where the responsibility for digital continuity is held25.

 
  Description of the information assets to be covered by the Digital Continuity 
Statement - A brief description of the information asset taken from the IAR. 
 
  Description of when the record needs to be captured into the approved file formats - 
The record may not need to be captured in to the approved file format at its creation. For 
example, an MSWord document need not be converted to portable document format until it 
becomes semi-current. The Digital Continuity Statement should identify when the electronic 
record needs to be converted to the long term supported file formats26.
 
 
  Description of the appropriate supported file formats for long term preservation - 
This should be agreed with the appropriate technical staff.
 
 
24 By doing this the records owner will be able to show why and for how long the information assets needs to be kept. 
As digital continuity can be resource intensive, it is important that the resources are allocated to the information assets 
which require them. 
25 If the responsibility is not clearly assigned there is the danger that it may disappear as part of a restructure process 
rather than be reassigned to a different post. 
26 Workflow process diagrams can help identify the appropriate places for capture. 
60 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
  Retention of all software specification information and licence information - Where it 
is not possible for the data created by a bespoke computer system to be converted to the 
supported file formats, the system itself will need to be mothballed. The statement must 
contain a complete system specification for the software that has been used and any 
licence information which will allow the system to be retained in its entirety27.
 
 
  Description of where the information asset is to be stored. 
 
  Description of how access to the information asset is to be managed within the data 
security protocols - The data held for long term preservation must be accessible when 
required but also must be protected against the standard information security requirements 
which are laid down for records within the organisation. The statement must contain the 
policy for accessing the records and the information security requirements attached to the 
information assets, including a record of any passwords or encryption keys.
 
 
SG5.3 
Software Licences 
 
Where it is not possible to convert the information asset into one of the supported file formats [see 
SG5.11] then you must ensure that the appropriate numbers of software licences have been 
retained and that sufficient resource is available to maintain the software licences.  
 
SG5.4 
Encryption and Password Protection 
 
Where documents have been password protected or encrypted for security purposes, you should 
consider whether it is appropriate for the encryption or password protection to be removed when 
the documents are archived. If this is not possible, the passwords and/or encryption keys should 
be recorded on the Digital Continuity Statement.
 
SG5.5 
Managing Digital Continuity and Email 
 
Documents which are subject to a Digital Continuity Statement should not be retained in the email 
system but saved in one of the recognised file formats to the relevant folder in an electronic filing 
system.  
 
Where the text of the email needs to be retained as well it should be converted to a pdf/A format 
and retained in the relevant folder in an electronic filing system.
 
SG5.6 
Allocation of Resources 
 
Responsibility for the management of the digital continuity strategy, including the completion of the 
Digital Continuity Statements should rest with one named post holder within the Service Unit. This 
will ensure that each information asset is “vetted” for inclusion in the strategy and that resources 
are not allocated to records which should not be included in the strategy. 
 
Sufficient resources for conversion into the appropriate file formats, purchase of appropriate 
storage and the maintenance of any software licenses for any bespoke software must be allocated 
on the basis of the number of information assets which have been allocated Digital Continuity 
Statements. This should be reviewed on an annual basis.
 
27 If this information is not retained it is possible that the data contained within the system may become inaccessible 
with the result that the data is unusable with all the ensuing consequences. 
61 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
SG5.7 
Storage of records  
 
Where possible records subject to a Digital Continuity Statement should be “archived” to dedicated 
server space which is being backed up regularly. 
 
Where this is not possible the records should be transferred to an external hard drive which is 
clearly marked and stored appropriately. Records stored in this way must be checked regularly for 
data degradation. 
 
Flash drives (also known as memory sticks) must not be used to store any records which are 
subject to a Digital Continuity Statement. This storage media is prone to corruption and can be 
easily lost or stolen. 
 
Where a SharePoint team site has been used to store the records which are subject to a Digital 
Continuity Statement, you will need to liaise with ICT to request that either the SharePoint site is 
archived in its entirety or that the relevant documents on the site are archived to an appropriate 
place on a server. 
 
Storage methods should be reviewed on a regular basis to ensure that new technology and 
storage methods are assessed and where appropriate added to the digital continuity policy.
 
SG5.8 
Migration of Electronic Data 
 
Migration of electronic data must be considered where the data contained within the system is 
likely to be required for longer than the life of the system. Where possible system specifications 
should state the accepted file formats for the storage of records within the system. 
 
Where possible systems which use bespoke file formats should not be considered for use where 
the system is likely to be decommissioned before the end of the life of the data. Protocols for 
extraction and migration of data must be created to ensure that all the necessary safeguards are 
in place. 
 
The costs for the migration of data at the end of the life of the system must be included in any 
project brief for the replacement of the original system.
 
If data migration facilities are not included as part of the specification, then the system may have 
to be retained in its entirety for the whole retention period of the records it contains. This is not 
ideal as it may mean that employees have to look on a number of different systems to collate 
information on an individual or project. 
 
Software formats should be reviewed on an annual basis to ensure usability and to avoid 
obsolescence.  
 
SG5.9 
Degradation of Electronic Documents 
 
In the same way as physical records can degrade if held in the wrong environmental conditions, 
electronic records can degrade or become corrupted. Whilst it is relatively easy to spot if physical 
records are becoming unusable it is harder to identify whether an electronic record has become 
corrupted, or if the storage medium is becoming unstable.
 
62 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
When electronic records are transferred from the main system to an external storage device, the 
data should be backed up and two safe copies of the data should be made. The data on the 
original device and the back-ups should be checked periodically to ensure that it is still accessible. 
Additional back-ups of the data should be made at least once a year and more frequently if 
appropriate. 
 
SG5.10 
Managing Systems 
 
A Digital Continuity Statement should be created for each information system which holds records 
which need to be retained for more than 7 years.
 
Although certain parts of the Digital Continuity Statement will be common to a number of systems, 
it is vital that each system has its own individual strategy so that the information specific to the 
system, such as the software licence, can be recorded in full.
 
The statement needs to identify the post-holder responsible for holding and monitoring the Digital 
Continuity Statement and sufficient resources must be allocated to ensure that the strategy can be 
implemented. 
 
SG5.11 
Internationally Recognized File Formats 
 
Records which are the subject of a Digital Continuity Statement must be “archived” in one of the 
internationally recognised file formats. 
 
The International Standards Organisation has adopted a number of file formats which will be 
supported for at least the next 100 years. The creators of the file formats have handed all the 
information relating to the specification of the file format to the International Standards 
Organisation. 
 
The file formats are as follows28: 
 
  ISO 19005 – PDF/A
  ODF (ISO/IEC 26300) 
  Office Open XML (ISO/IEC DIS 2950029)
  HTML 
  XHTML 
  SGML 
  XML 
  MHTML 
  Plain text 
  Image format: JPEG
  Image format: JPEG2000 
  Image format: JBIG2
  PNG 
  TIFF 
  SVG 
 
28 As identified in Neil Pitman and Alan Shipman, “A Manager’s Guide to the Long-Term Preservation of Electronic 
Documents” (BIP0089) 
 
 
63 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
  MPEG-1: initial video and audio compression standard. Later used as the standard for 
Video CD and includes the popular Layer 3 (MP3) audio compression format. 
  MPEG-2: transport, video and audio standards for broadcast-quality television. Used for 
over-the-air digital television ATSC, DVB and ISDB, digital satellite TV services like Dish 
Network, digital cable television signals, SVCD and with slight modifications as the VOB 
(Video Object) files that carry the images on DVDs.
  MPEG-4: expands MPEG-1 to support video/audio “objects”, 3D content, low bit-rate 
encoding and support for digital rights management. Several new, higher efficiency video 
standards are incorporates including MPEG-4 Part 10 (or Advances Video Coding or 
H.264). MPEG-4 Part 10 may be used on HD DVD and Blu-ray discs along with VC-1 and 
MPEG-2. 
  MPEG-7: a formal XML-based metadata system for describing the content of MPEG files.
  MEPEG-21: defines an XML-based “Rights Expression Language” standard as a means of 
sharing digital rights/permissions/restrictions for digital content.
  XPS 
 
Further information relating to the formats can be found in Neil Pitman and Alan Shipman, “A 
Manager’s Guide to the Long-Term Preservation of Electronic Documents” (BIP0089). 
 
File formats should be agreed with the relevant technical officers (either from ICT expertise within 
individual service units or from ICT expertise in the wider organisation. The table below gives a 
basic outline to start the conversation. 
 
Table 130:  Guide to the mapping of source format to document format
 
Source Format 
Archive format
 
 
 
TEXT
PDF/A 
XML 
ODF 
OOXML
JPEG 
JPEG2000 
JBIG2 
TIFF 
SVG 
MPEG 
Unstructured text 
     
 
 
 
 
 
 
 
 
Structured text 
 
      
 
 
 
 
 
 
Office documents 
 
 
 
   
 
 
 
 
 
 
Presentation graphics 
 
 
 
   
 
 
 
 
 
 
Image 
 
 
 
 
 
       
 
 
Audio 
 
 
 
 
 
 
 
 
 
 
 
Video 
 
 
 
 
 
 
 
 
 
 
 
Vector graphics/CAD 
 
 
 
 
 
 
 
 
 
 
 
Others 
 
 
 
 
 
 
 
 
 
 
 
 
Any decision about which of the file formats listed above should be used for individual record 
series must include consideration as to whether the information must be preserved in an 
unalterable format. 
 
 
30 Neil Pitman and Alan Shipman, “A Manager’s Guide to the Long-Term Preservation of Electronic Documents” 
(BIP0089) 
64 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Separation2 
 
In this approach, the email is decomposed into its components, i.e. message and attachments, 
and each component is then archived. Each attachment needs to be converted to an archival 
format. 
 
Specialist Guidance 6:  Managing Information Security in Open and Shared 
Environments31 
 
The New Ways of Working programme is introducing methods of working across the authorities 
which are based on the most cost effective method of sharing working space and resources. This 
presents some issues for those teams who deal with sensitive client data on a day by day basis. If 
proper levels of confidentiality are not maintained this could lead to a breach of confidentiality 
which could result in a fine of up to £500,000 by the Information Commissioner. Equally, this could 
lead to reputational damage or injury to a client. This guidance is intended to assist managers to 
ensure that appropriate confidentiality can be maintained in the working spaces which have been 
allocated to them. 
 
SG6.1 
Roles and Responsibilities 
 
Line Managers 
 
It is the responsibility of line managers to identify the confidentiality issues as they arise during the 
early phases of the New Ways of Working project which will result in the relocation of their team.
 
They must ensure that the issues are raised with the New Ways of Working project team and the 
records manager. 
 
Once the team has moved, it is the manager’s responsibility to ensure that the team is aware of 
the procedures which have been implemented to ensure that confidentiality is maintained.
 
The manager must also be aware of the protocols in place to report breaches of confidentiality 
both in terms of overheard conversations and in loss of physical and electronic information.
 
New Ways of Working Project Responsibilities
 
It is the responsibility of the New Ways of Working project manager to ensure that a confidentiality 
survey is undertaken before the team moves. The survey will be carried out by the records 
manager and any recommendations arising from the survey will be picked up by the project 
manager. This should include an explanation of the implications to the business. 
 
It is the responsibility of the New Ways of Working project manager to ensure that sufficient 
storage is provided and that all the confidentiality issues are addressed as far as possible.
 
Information Governance Group Responsibilities
 
The Information Governance Group will manage the risks highlighted by the New Ways of Working 
project as they arise. The records manager will liaise between the Information Governance Group 
and the New Ways of Working project team.
 
31 This section was originally published separately as New Ways of Working Guidance Note 1: Working in Zones. 
65 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
The Information Governance Group will approve remedial measures which need to be 
implemented following information security breaches and monitor the implementation of these 
measures. 
 
SG6.2 
Managing Confidentiality  
 
Requirements for Confidentiality 
 
As a general rule, confidential information and confidential conversations will involve personal or 
sensitive information which carries the protective marking OFFICIAL or OFFICIAL – SENSITIVE. 
However, staff should also be aware that information which is politically or commercially sensitive 
may also fall into this category. 
 
Section 7.3.2 of this manual lays out the specification for storage which is suitable for information 
which carries the protective marking OFFICIAL or OFFICIAL – SENSITIVE. Members of staff need 
to be aware that not all documents will carry a protective marking (for example, all those 
documents which were created prior to the introduction of the Protective Marking Scheme).
 
When members of staff are making telephone calls or discussing cases which involve personal 
and/or sensitive information, they need to be confident that the people around them belong to the 
same team or belong to a team in a similar service area.
 
Risks Presented by Shared Working Areas
 
Shared working areas present two main risks which could result in confidentiality being 
compromised. 
 
  Totally flexible, shared working areas could result in conversations including personal or 
sensitive information being overheard by members of staff who should not be party to this 
information. This could lead to members of staff having to make a decision about whether 
or not they can hold a conversation or run the risk of a potential information security breach.
 
  The use of shared storage could lead to members of staff having inappropriate access to 
personal or sensitive information.
 
SG6.3 
Creation and Management of Zones 
 
Creation of Working Zones 
 
The layout of each building will be dealt with individually to meet the needs of the teams who will 
be moving into that building. It is not possible to implement a “one size fits all” solution which will 
be applied to all buildings. 
 
Each building will be divided into zones and each team will be allocated banks of desks in the 
zone so that each team has its main working area in one place. Members of the team will be 
expected to work in this area except in exceptional circumstances.
 
Zones where teams are dealing with personal or sensitive information will be designated and there 
will be limitations on which staff can work in those zones when desks become free. 
 
66 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Break out zones and unallocated hot desking areas will be made available in each building for the 
use of staff visiting the building and for staff who are unable to use a desk in their team’s 
designated working area. 
 
Each team will be allocated storage as close to their working zone as possible. This may not be 
possible where the team has special records storage requirements or where significant amounts of 
storage are required which cannot be accommodated in the team’s working area.  
 
To maximise the amount of storage which needs to be accommodated in the building, some teams 
will need to use shared storage. Storage will be allocated in accordance with confidentiality 
requirements. Initial requirements will be identified in the initial confidentiality survey and then 
monitored once the team have moved into their designated area. If required an information risk 
assessment will be undertaken to assess the risks associated with storage which has been 
allocated.  
 
Managing the Use of Working Zones 
 
Under normal circumstances, members of staff in each team will be expected to work in the area 
allocated to their team. However, there may be occasions when there are not enough desks in the 
area allocated to the team. This is when confidentiality issues might arise. 
 
Each team should have a process in place so that individual members of staff know what they 
need to do if they cannot find a desk in the allocated team area. Some of the factors which need to 
be taken into consideration are listed below:
 
  Members of staff need to be aware of which working areas have been designated as 
confidential and whether or not it is appropriate for them to work at a desk in another team 
area; 
  Members of staff need to be aware whether or not it is suitable for them to work in a shared 
hot-desking area; 
  Members of staff may need to liaise with other colleagues who may not have confidential 
work to do, so that the desks in confidential working areas are allocated appropriately;
 
If this situation occurs on a regular basis and team members are routinely unable to find a desk to 
use in an appropriate area then the issue should be raised at the Building User Group.
 
Individual members of staff will be expected to implement both clear and empty desk requirements 
 
Managers must monitor that their team are maintaining a clear desk policy on a regular basis and 
should deal promptly with any incidents. If there are not sufficient storage resources to maintain a 
clear desk policy, the manager should raise the issue at the Building User Group in the first 
instance. 
 
Each team must have a plan in place to deal with confidential records when the building needs to 
be evacuated in an emergency. 
 
 
SG6.4 
Managing Shared Storage 
 
Where possible teams will be allocated cupboards or other storage either in the area allocated to 
their team or as close as possible to this area. However, in some cases a small team might be 
67 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
responsible for a large number of files which it is not possible to accommodate in their allocated 
area. In this case it might be necessary for the teams to use shared storage 
 
Any risks associated with the use of shared storage will be identified as part of the confidentiality 
survey and where appropriate an information risk assessment will take place to identify the 
measures which need to be implemented to reduce risk. 
 
See checklist 2 and checklist 3. 
 
SG6.5 
Managing Communal Areas 
 
Routes to Kitchens and Toilets 
 
In each building there will be communal areas such as kitchens and toilets. There will also be 
break out areas and open hot desking areas. 
 
Where possible, the routes to and from the kitchens and toilets will not involve members of staff 
walking through areas where there may be confidential documents on desks or on computer 
screens which are visible. 
 
However, staff should be aware that snippets of loud conversations might be overheard by 
members of staff. Line managers should ensure that the appropriate safeguards are in place.
 
Use of Break Out Areas and Hot Desking Areas
 
Staff should be aware that confidential records should not be left unattended in break out areas or 
hot desking areas. 
 
Specialist Guidance 7:  Working Away From The Office 
 
We are taking a new flexible approach to the way we work across the authority, making better use 
of our office accommodation, technology and shared resources.
 
Employees are being encouraged to explore alternative work arrangements including permanent 
home-working or occasional home-working with periodic visits to an office space which may be 
shared. Members of staff may also be working in other places such as GP practices, housing 
offices and so on. 
 
This section applies to employees who routinely handle personal and/or sensitive information and 
either work from home or in other places on a regular basis, or work from home or in other places 
occasionally. Personal or sensitive32 information should be protectively marked to indicate its 
sensitivity in line with KCC’s Protective Marking Policy. Please be aware that telephone and face-
to-face conversations may also need to be protected where they are sensitive. 
 
Permanent or occasional home-working is likely to require the movement and temporary storage 
of physical files. If these are not managed securely, this could increase the risk of loss or an 
information security breach. The Information Commissioner can fine the authority up to £500,000 
for serious incidents. These incidents also damage our reputation and customer confidence in our 
 
32 Sensitive information will include information that is personally sensitive such as medical information, 
politically sensitive and commercially sensitive. 
68 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
data handling. 
 
This guidance sets out approaches and procedures for secure handling of physical records during 
the following activities: 
 
  Tracking physical records which are removed from the office to show who has the records 
and where they are;
  Movement of physical records between work spaces;
  Storage of physical records when not on KCC premises;
  Recovery of physical records at the end of a period of employment; 
  Investigations into the loss or theft of physical records.
 
SG7.1 
Roles and Responsibilities 
 
Corporate Responsibilities 
 
KCC is accountable for the safe and secure handling of personal and confidential information. To 
support New Ways of Working, the council will:
a)  Provide appropriate and accessible guidance and training for managers and employees.
b)  Support managers and employees in addressing common risks as they are identified, 
including information security risks and health and safety risks.
 
Management Responsibilities 
 
Line managers are responsible for ensuring that employees or contractors who handle personal 
and/or sensitive information and work from home are supported appropriately. In particular:
a)  That they have access to appropriate guidance;
b)  Are aware of procedures that have been designed to protect information appropriately and 
minimise health and safety risks; 
c)  Are allocated appropriate equipment and resources.
 
Line managers are also responsible for:
 
  implementing effective systems for tracking and monitoring physical records which have 
been removed from KCC premises to ensure that records are accessible when they are 
required33; 
 
  minimising the risk of loss and/or breach of confidentiality during the movement and storage 
of physical records;
 
  ensuring that information security incidents are reported promptly and investigated; 
 
  arranging the recovery of physical records where an employee is absent for long periods of 
time including safeguarding records where an employee is subject to internal disciplinary 
procedures; and 
 
  arranging for the return of all physical records to KCC at the end of employment.
 
33 This is especially important where members of staff may have to provide information to answer requests 
for information under the Freedom of Information Act 2000, the Environmental Information Regulations 
1992 and data subject access requests (General Data Protection Regulations 2016). 
69 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
Employee Responsibilities 
 
Employees are responsible for ensuring that they understand this guidance and know who to ask 
for further advice. [see Useful Contacts ]
 
Employees must follow procedures for the secure handling of personal and/or sensitive 
information. All equipment must be used in accordance with the procedures. 
 
SG7.2 
Management of records used by staff working at home 
 
Checking records in and out of the office
 
Once physical records have been checked out of a central storage space, there is an increased 
risk that the records could become lost, stolen or damaged. Therefore, physical records should 
only be removed from office storage when absolutely necessary. Digital copies of records should 
be used whenever possible. 
 
All staff should remember that all records belong to KCC and should be managed in a way that 
ensures that they can be located and retrieved when required. This not only applies to client files 
but also to all the records which individual members of staff may create to support the work that 
they are doing. 
 
Managers should consider implementing procedures to limit the number of files which an individual 
can remove from the office or store at home.
 
Responsibility for tracking and monitoring the removal and return of physical records must be 
assigned to an individual member of staff and included in their job description. Each team must 
implement a tracking process. [see 8.4.1]
 
SG7.3 
Transporting Records 
 
All physical records should be transported in line with KCC’s procedures34. See Specialist 
Guidance 4 for further details. 
 
Physical records should be locked in the secure storage as soon as the member of staff reaches 
home.  
 
All portable electronic storage devices should be locked in the secure storage as soon as the 
member of staff reaches home even if the device is encrypted.
 
 
 
SG7.4 
Managing records held away from the office 
 
Managing Physical Records 
 
All physical records must be managed in line with the requirements outlined in this manual.
 
34 For more detailed information see the Guidance on Transporting Information Securely 
http://knet/ourcouncil/Documents/Transporting personal and sensitive information.pdf 
70 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
Personal and/or sensitive information must be locked away when not in use. Therefore, managers 
must ensure that appropriate lockable storage is provided for home use, and retain a duplicate of 
the key at the office. Employees must lock away all personal and/or sensitive information when it 
is not in use and ensure that the key is stored securely.
 
Line managers must additionally: 
a)  Complete an information risk assessment for permanent home working. Line managers 
may use their discretion where home-working is occasional.
 
b)  Ensure employees understand KCC’s policies and procedures for records management 
and are aware of the consequences in the event they are not followed. 
 
Where employees are working away from the office intermittently, when records are stored 
overnight they must be out of sight and where possible secured in a locked briefcase or bag.
 
Records must not be stored in the boot of a car unless there is no other safer option available.
 
Archiving Physical Records 
 
Some staff working from home on a regular basis may hold records which need to be retained 
once the case has closed. [See the Corporate Retention Schedule35] These records need to be 
“archived” once the case has been closed.
 
It is the responsibility of the line manager to ensure that these records are returned to the office 
base and archived in line with KCC’s procedures. The records must be returned to the office base 
as the Records Management Service can only collect records from KCC buildings. 
 
If a member of staff does not have an office base, special arrangements will need to be made with 
the Records Management Service for the archiving of records.
 
Retrieving Archived Records 
 
Where a member of staff working at home on a routine basis needs to retrieve a record which has 
been archived they should follow the normal Records Management Service procedures.
 
The record will be delivered to the office base for the member of staff to collect and should be 
returned to the office base to be returned to the Records Management Service. 
 
If a member of staff does not have an office base, special arrangements will need to be made with 
the Records Management Service for the retrieval of archived records.
 
 
Disposal of Records 
 
All physical records must be disposed of in line with the requirements of section 9 of this manual
 
Where possible physical records containing personal and/or sensitive information should be 
returned to the office base for destruction where a record of the destruction can be created and 
 
35 http://knet/ourcouncil/Documents/retention schedule.xlsx 
71 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
retained. 
 
When employees work only from home and create local physical records, arrangements must be 
made for the secure destruction of personal and sensitive information (e.g. a shredder).
 
Managing Electronic Information 
 
Electronic work-related information should not be stored on privately owned computers or devices. 
[See 8.1.4]. 
 
Home-workers must be provided with appropriate ICT equipment if they are required to store or 
handle personal and/or sensitive information. Contact ICT for further advice. 
 
The use of on-line storage services and unencrypted storage devices for work-related personal 
and/or sensitive information is not permitted.
 
Employees are reminded that information stored outside of KCC’s networks (even on a secure 
storage device) is not available to colleagues and is not being backed up. 
 
If it is necessary to use portable storage devices then these must be stored and transported to the 
same standards as physical records. 
 
Personal and/or sensitive electronic information must not be sent from your KCC email account to 
your private email address. Documents opened on home computers leave a copy that could be 
recovered if the computer is lost or stolen.
 
Attachments opened using KCC’s Outlook Web Access do so using your home copy of Office and 
leave a copy on your hard drive. For this reason, only open or edit documents containing personal 
and/or sensitive information using A2K or other remote access service.
 
SG7.5 
Maintaining Confidentiality 
 
Employees are responsible for maintaining the confidentiality of physical records they hold and for 
ensuring that ICT is used in a way that protects client confidentiality. This includes: 
 
  Locking physical records away when not in use;
  Considering other occupants who may view personal and/or sensitive information 
accidentally or on purpose; 
  Not leaving computers logged in when unattended;
  Ensuring computer screens can’t be overlooked (screen filters may be provided to restrict 
the angle of view); 
  Privacy when using the telephone – make sure that you cannot be overheard. 
 
 
SG7.6 
Lost or Stolen Data 
 
KCC can be fined if confidentiality is breached or if personal information is lost or stolen. Any 
information security incident must be reported to your line manager and an incident report 
completed (see Information Security Policy36 and Incident Reporting Procedure) 
 
36 http://knet/ourcouncil/Policies/Information security policy.pdf 
72 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
Staff should report all losses or theft of data (including the theft and loss of electronic devices like 
laptops, BlackBerrys etc.) as soon as the loss or theft is discovered. If the data contains personal 
and/or sensitive information the loss should be reported to the Information Resilience and 
Transparency Team. 
 
It is the responsibility of the line manager to investigate the loss/theft and complete the required 
forms. The Information Resilience and Transparency Team will liaise with the line manager to 
decide whether or not the loss of personal and/or sensitive data needs to be reported to the 
Information Commissioner.
 
Any amendments to existing practice should be implemented as soon as possible after the event 
and where appropriate, the line manager should undertake an information risk assessment to 
ensure that information is being secured appropriately.
 
SG7.7 
Leaving KCC Employment 
 
Managers must have procedures in place for recovering physical and electronic records and 
equipment at the end of an employment.
 
The following actions must be completed when employment ends:
  any physical records that have been stored at home have been identified and collected;
o  Principal copy information should be returned to KCC premises and filed in the 
appropriate place; 
o  All copy/duplicate information should be returned to KCC to be disposed of in the 
way required by section 9.4 of this manual 
  that any work-related electronic records which have been held on a home computer have 
been returned to KCC systems and deleted from the home computer37. 
  that all portable storage devices with KCC data on them have been returned to KCC.
 
Where the member of staff works from home on a regular basis the line manager should work with 
the member of staff to ensure that all records are returned to KCC care in an accessible state.
 
The member of staff should ensure that all physical records are up to date and that all loose 
paperwork has been filed. These records should be handed over either to the line manager, or the 
person who will be taking on responsibility for the role as part of the exit process. 
 
The member of staff should identify all records which need to be disposed of and arrange for them 
to be returned to KCC for disposal. 
 
The member of staff should ensure that any records which are stored on their personal drive are 
transferred to the team shared area or transferred to the line manager. The line manager should 
ensure that all electronic devices including portable storage devices are returned as part of the exit 
process. 
 
The line manager is responsible for ensuring that all records have been returned to KCC. Where 
particularly sensitive information is concerned, it may be appropriate for the line manager to 
 
37 Members of staff should be aware that unless the hard drive of their home computer is constantly full, an 
imprint of any deleted document will remain until the space it occupies on the drive is overwritten. This 
imprint can be restored by using file restore software until it is overwritten. 
73 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
undertake an information governance sweep of the member of staff’s working area even though it 
may be in their home.  
 
This will need to be handled with sensitivity and is at the discretion of the line manager.
 
SG7.8 
Exceptional Situations 
 
These requirements should only be applied to members of staff who work from home on a routine 
basis.  
 
Long Term Sick Leave 
 
Where a member of staff is on long term sick leave, it is the responsibility of the line manager to 
ensure that the records which are held by an individual remain accessible. 
 
Depending on the nature of the sick leave, the line manager will have to decide whether to 
implement the guidelines listed below. However, if good records management practice has been 
implemented, the line manager should be able to ensure the accessibility to records in any 
circumstances. 
 
Once it becomes apparent that the member of staff will be on long term sick leave, the line 
manager should arrange for all current physical records to be transferred back to the office base 
so that these records are accessible to other members of staff who are covering the role.
 
All records which are stored on the individual’s personal drive38 should be transferred either to a 
team shared area or to the line manager so that they can be accessed by other members of staff 
who are covering the role. 
 
Disciplinary or Capability Procedures
 
Where a member of staff is subject to a disciplinary or capability procedure, it is the line manager’s 
responsibility to ensure that records are safeguarded. It is possible that a member of staff may 
destroy principal copy records or refuse to return records to KCC when they are part of a 
disciplinary process. 
 
It is the responsibility of the line manager to undertake a risk assessment about the likelihood of 
this happening and to take appropriate action. The risk is likely to be higher if the member of staff 
has been suspended. The line manager will also need to assess whether the records form part of 
the evidence being provided for any hearing.
 
If the line manager decides that the records are at risk they should ensure that arrangements are 
made to return records to the office base at the same time as the formal meeting to inform the 
member of staff that disciplinary action is being taken.
 
All records which are stored on the individual’s personal drive39 which relate to the job role40 
should be transferred either to a team shared area or to the line manager so that they can be 
accessed by other members of staff who are covering the role.
 
38 As a matter of good practice records should not be saved on the “H” drive but on a secure team area on 
a shared drive. This means that electronic records are regularly accessible without the line manager 
needing to take any further action. 
74 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
Where a team member has access to a shared/team drive or other sensitive systems, the line 
manager should consider suspending access to the shared area if they consider there is a risk that 
an employee might try to delete information maliciously.
 
Specialist Guidance 8:  Partnership Working 
 
SG8.1 
Introduction 
 
KCC works with partners, contractors and other agencies as part of day to day working. It is 
important that records management principles set out in this manual are applied to our partners, 
contractors and other agencies with whom we disclose information to and that we are able to 
assure those who share their information with us.
 
Where contractors and partners have been commissioned to work on KCC’s behalf, the contract 
or service level agreement must contain a clause which requires the contractor or partner to meet 
the records management requirements laid out in this manual. This will become increasingly 
important as KCC moves towards becoming a commissioning authority.
 
Where KCC is participating in multi-agency work which involves sharing information, we must 
ensure that any organisation with whom we share organisation will manage the information that 
they are being given. For example, do they have a records management policy, do they 
understand about what protective marking means? 
 
If you are unsure as to whether the organisation will manage any information you share with them 
properly please contact the Records Manager before you share information with them. This is 
especially important if the information contains personal or sensitive data. 
 
SG8.2 
Agreeing to Share Information 
 
Where possible information sharing protocols should be developed at the beginning of any 
relationship with a partner, contractor or multi agency working group. In some cases the 
information sharing will be governed by a statutory framework or will be part of the contract. There 
may also be an overarching information sharing protocol in place, such as the Kent and Medway 
Information Sharing Agreement, which relates to the sharing of information across a number of 
different agencies in Kent. 
 
However, if this is not the case, an information sharing protocol should be agreed at the beginning 
of the relationship. This may include  
  what information is to be shared and with whom;
  who is responsible for maintaining the principal copy;
  what information is to be contributed and by whom;
  how protective marking is to be allocated to the information;
  where the information is to be stored and who will have access to those systems; 
  how long the information should be retained for and how it should be disposed of;
  who will retain the information when the project/partnership closes; 
  who “holds” the information under the Freedom of Information Act 2000; 
 
 
40 Care should be taken not to transfer documents which a member of staff has created to defend a 
disciplinary case. 
75 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
  who will be responsible for making the information available to answer freedom of 
information requests and if there is a cost involved.
 
SG8.3 
Identifying the Principal Record Keeper 
 
A principal record keeper [see section 7.4] should be agreed at the beginning of the relationship 
with any partners, contractors or multi agency working groups.
 
If KCC has any liability in the decisions which are made, or actions which are taken, KCC must be 
the principal record keeper even if the records are stored, managed or hosted elsewhere.
 
SG8.4 
Assigning Protective Marking categories 
 
The principal record keeper must ensure that the information is assigned a protective marking 
category [see 7.3.2].  
 
SG8.5 
Records Storage 
 
Where KCC is the principal record keeper, information will be managed in the same way as all 
other KCC records in line with the requirements in this manual.
 
Where KCC is not the principal record keeper, you should ensure that the information will be 
managed using standards similar to KCC’s own standards. This is especially important if the 
information being shared has an "OFFICIAL" or "OFFICIAL - SENSITIVE marking. 
 
If the records are stored by an external storage supplier the storage must meet the specification in 
Specialist Guidance 1. 
 
SG8.6 
Record Retention 
 
If KCC is the principal record keeper the records should be managed using KCC’s corporate 
retention schedule. If the records do not fit any of the agreed retention periods, you need to 
contact the Records Manager who will identify the appropriate retention period and include it in the 
list. 
 
Where KCC is not the principal record keeper, you should ensure that an appropriate retention 
period has been allocated to the records.
 
SG8.7 
Record Disposal 
 
If KCC is the principal record keeper the records should be disposed of according to the protective 
marking category they have been allocated, see 7.3.2.
 
Where KCC is not the principal record keeper, you should ensure that the disposal of records 
meets or exceeds the requirements outlined in 9.4 and 9.5.
 
Specialist Guidance 9:  Managing Project Information 
 
Project information should be managed using the same requirements outlined in the earlier 
sections in this Information Management Manual. However, projects which have a clearly defined 
end date present some different issues which are detailed below. 
76 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
SG9.1 
Roles and Responsibilities 
 
SG9.1.1  All project managers must create, manage and retain records to show the progress of 
the project and to ensure that all statutory requirements are met. 
 
SG9.1.2  Record keeping policies and procedures should be agreed at the beginning of the 
project and should be included in the project plan and allocated the appropriate 
resources. 
 
 
SG9.1.3  Where the project involves multi-agency/partnership working , the principal record 
keeper should be assigned. The project manager may or may not be the principal 
record keeper. The requirements below only apply if the project manager is the principal 
record keeper. 
 
 
SG9.1.4  If the project manager is not the principal record keeper, but KCC retains some liability 
in the project then the project manager should maintain records to ensure that KCC 
could defend any subsequent legal action.
 
 
SG9.2 
Record Retention 
 
 
SG9.2.1  Allocating resources for the retention of records at the end of the project is vital.
 
 
SG9.2.2  Where external funding is involved then the requirements of the funding body for 
managing and retaining records will take precedence. Often external funding bodies will 
require longer retention periods than normally allocated.
 
 
SG9.2.3  Retention of project records will depend on the size and complexity of the project. As 
much of the organisation’s work is now undertaken by project teams it is important to 
ensure that the correct retention period is allocated to the project and that records are 
not retained for longer than necessary. The retention periods only apply to the principal 
record
.  
 
 
SG9.2.4  Some project documentation should be offered to the History Services Team for 
consideration for inclusion in the permanent corporate archive. These projects will 
include those which are high profile or controversial or which have changed the way in 
which the organisation operates.
 
 
SG9.3 
Access to Information 
 
 
SG9.3.1  All project documentation will be subject to disclosure under the Freedom of Information 
Act 2000. This may include working documents, emails and duplicate/reference 
information as well as the principal record (all of these categories are dealt with below). 
Some information may be subject to disclosure under the General Data Protection 
Regulations 2016 and the Data Protection Act 2018 or the Environmental Information 
Regulations. 
 
 
SG9.3.2  It is strongly recommended that the principal record keeper identifies which exemptions 
may apply to their project and at what stage in the lifecycle, this saves time when a 
freedom of information request is received. 
 
 
77 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
SG9.3.3  It is also strongly recommended that in the case of high profile or controversial projects 
that project managers proactively publish as much information as possible using 
dedicated web pages or via www.kent.gov.uk. This will reduce the number of freedom of 
information requests and also is a statement of the organisation’s aspiration to be as 
transparent as possible. 
 
 
SG9.3.4  As confidentiality can lessen with age, it is likely that exemptions will only run for a 
limited period of time. Therefore, all records should be created on the assumption that 
they will become disclosable at some point in the future. It is important to recognise that 
there is no exemption for embarrassment under any of the access to information 
regimes and poorly phrased records cannot be withheld for that reason. 
 
 
SG9.4 
Information Created and Owned by a Third Party 
 
 
SG9.4.1  In the course of individual projects it is likely that project managers will receive 
information generated and owned by a third party. This information should only be 
added to the principal record of the project if it has been used to inform a decision made 
during the project. It is the responsibility of the third party to retain the principal copy of 
the document.  
 
 
SG9.4.2  The third party information may be disclosable if an FoI request is received by this 
organisation. It is recommended that access to third party data is agreed with the third 
party before it is supplied to the organisation.
 
 
SG9.4.3  All information remains the intellectual property of the originating organisation. This 
includes copyright of any third party information as well as the information created by 
KCC itself. However, the Copyright, Designs and Patent Act 1988 allows for one copy to 
be made of a copyright document if it is required by another piece of legislation.
 
 
SG9.5 
Action at the End of the Project 
 
 
SG9.5.1  It is the responsibility of the principal record keeper to ensure that the records are 
deposited in an appropriate place and arrangements have been made to dispose of the 
records when the retention period has ended.
 
 
SG9.5.2  The principal record keeper should arrange for the disposal of any records which need 
to be disposed of prior to deposit in line with the requirements laid out in sections 9.4 
and 9.5. 
 
 
SG9.5.3  Where the project has been managed using a SharePoint team site it is the 
responsibility of the project manager to ensure that the SharePoint site has been 
“archived”. 
 
 
 
78 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Specialist Guidance 10:  Information Management as part of Change Management 
 
As KCC moves towards becoming a commissioning authority it is very important that information is 
managed properly and passed over to the appropriate individuals or archived as service units 
change. 
 
This guidance assumes that service units are following the requirements laid out in this manual for 
record keeping. 
 
SG10.1 
Management Roles and Responsibilities 
 
 
SG10.1.1  In times of change it is the line manager’s responsibility to ensure that all records are 
included in any transition plan and handed over as part of the exit plan. 
 
 
SG10.2 
Management of Electronic Records 
 
 
 
Electronic records can present some different issues to physical records which have to 
be stored (and therefore are usually identified when office/storage space is surveyed). 
It is harder to identify principal copies of electronic records, especially if they have not 
been named using standard naming conventions.
 
 
SG10.2.1  Where records are managed through a case management system, managers must 
ensure that any employees who are involved in transition arrangements have entered 
all the relevant information that they hold onto the case management system. Provided 
that all the relevant details have been entered, the case management system offers a 
measure of continuity which no other record keeping system in the organisation can 
provide. 
 
 
SG10.2.2  Whilst each shared drive should have an “administrator” who is responsible for 
monitoring all documents which are saved to the drive, this is not always the case.
 
 
 
Line managers should ensure that all their reports have identified which records on 
shared drives have been created or deposited by them. These records should then be 
managed using the steps below. It is practically impossible to identify the ownership of 
records which have been “abandoned” on shared drives and it takes considerable time 
to open each record to decide whether or not it is a principal copy and whether it 
should be retained. 
 
 
SG10.2.3  Line managers should ensure that all their reports have identified which records on 
their “H drives are business critical records or which are principal records. These 
records should then be managed using the steps below. As “H” drives are disposed of 
when an individual’s profile is finally closed down there is the danger that business 
critical information may be destroyed during this process.
 
 
SG10.3 
Records Management Procedures 
 
 
 
The processes and procedures outlined below are designed to ensure that the 
appropriate records are handed over to a successor or lodged safely in semi current 
storage. The tight deadlines which will usually be the result of times of transition can 
result in the disposal of business critical records (it is easier to dispose of records than 
sort them) or conversely space has to be found for non-business critical records which 
79 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
should have been disposed of (it is easier to retain records than to sort them).
 
 
SG10.3.1  Line managers should ensure that their reports have identified all the business critical 
records for which they are responsible and that the handover of these records has 
been included in the transition plan.
 
 
SG10.3.2  In times of transition there can be confusion as to which records are “principal” records 
and which are duplicates. Where this confusion exists usually either all the copies of 
the record are kept (which means that the organisation is storing more records than it 
requires) or that all the copies of the records are destroyed (which means that the 
organisation could be vulnerable to legal challenge in the future). Therefore, it is crucial 
that principal records are identified and safeguarded.
 
 
 
All principal records must be included on any transition plan. If records are “archived” 
as part of the transition phase they should be flagged as principal records. 
 
 
 
Due to the age of some of the records held in record keeping systems around the 
organisation it can be difficult to ascertain whether records fall into this category. 
Although the records may not have started out as the principal record, they may be the 
only copy remaining. In case of doubt, where these records could be used to defend 
the organisation’s liability they should be included on the transition plan with a note to 
say that these may be the only copy of the record.
 
 
SG10.3.3  Duplicate records are the records which individual employees retain for operational 
purposes (for example, minutes of meetings attended or copies of reports presented to 
meetings, agendas, reference material and so on). These records are usually 
managed outside of the principal filing system (e.g. the main file on a project may be 
held by the project manager but an individual member of staff will hold their own 
working papers. The final piece of work is included on the project file but the working 
papers do not need to be included on the file).
 
 
 
If this category of records is not clearly identified then usually they are treated as a 
principal record and “archived” rather than being disposed of which can lead to 
additional storage costs being incurred. 
 
 
 
Duplicates and operational copies can be safely disposed of where they have been 
clearly identified as such. However, if there is any doubt as to whether the record is a 
duplicate record and where these records could be used to defend the organisation’s 
liability they should be included on the transition plan with a note to say that these may 
be the only copy of the record.
 
 
SG10.4 
Transition Arrangements 
 
 
 
Where possible records should be included in all transition arrangements, although, as 
some transitions happen very quickly and without warning it is not always possible to 
make prior arrangements. 
 
 
SG10.4.1  Records should always be included in any transition plan. This may take the form of a 
project plan or simply a list of tasks to be undertaken. This also means that any 
resource required either to hand over records, have them “archived” or disposed of is 
identified and allocated. 
80 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
 
 
 
Only principal records should be handed over as part of the transition process, all other 
records should be disposed of and not included in the transition plan. 
 
 
SG10.4.2  Where possible records should be handed over to the post holder who has taken 
responsibility for that business function. However, if that person is not is in post then 
the records should be handed over to a senior manager to be passed over to the 
appropriate post-holder once they’ve been appointed. 
 
 
 
Where records which have been previously held in one function are divided amongst a 
number of other functions, the records should be clearly divided and transferred to the 
appropriate function. 
 
 
SG10.4.3  In some cases there will be no direct successor to hand the records on to. This is likely 
to be the case if a project has been completed or responsibility for a particular 
business function has ended but the records need to be kept for a statutory retention 
period. In this case it is the responsibility of senior managers in consultation with the 
Records Manager to agree a suitable place for the records to be stored and the cost of 
storage and eventual disposal covered.
 
 
SG10.4.4  If a member of staff is moving to another function within the organisation, they must not 
take any records from the previous responsibility with them as these records could be 
lost without a trace. If an appropriate senior manager has not been identified to take 
responsibility for the records and a member of staff is concerned that these records 
may not be handled appropriately then they should contact either one of the 
information governance specialists or the records manager who will ensure that the 
necessary arrangements are made.
 
 
SG10.4.5  Employees who are leaving the organisation must not take records with them unless 
the records are already in the public domain (i.e. downloadable from www.kent.gov.uk 
or KELSI). If employees wish to take records with them they must seek management 
approval before doing so. 
 
 
SG10.5 
Completing the Transition Process 
 
 
SG10.5.1  All records should be sorted out and dealt with before the transition period is over. 
There is a danger that if records are left unsorted they will be kept in perpetuity 
because no one will dare to dispose of them because nobody feels they have the 
organisation to make a decision as to whether they can be safely disposed of.
 
 
SG10.5.2  It is the responsibility of individual managers to ensure that they are aware of the 
status of all records before the staff move on and to ensure that adequate provision 
has been made for the transfer of the records.
 
 
SG10.5.3  Records must not be abandoned in buildings which are being vacated. Unless a prior 
arrangement has been made it is not the responsibility of the facilities managers to 
dispose of records which have been abandoned. The Records Manager will arrange 
for the disposal of any such records and the appropriate directorate will be charged the 
full cost of the arrangements which are made.
 
 
 
81 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Specialist Guidance 11: Criteria for Selecting Information for Historical Preservation 
 
The following are basic criteria which are used to assess whether or not information should be 
retained in the corporate archive.  
 
Minutes, meeting papers, reports and the major financial records are retained as part of the 
corporate archive. 
 
Files will only be retained as the exception rather than the rule and it is accepted that many files 
will be destroyed without the knowledge of the modern records archivist. To justify the retention of 
a file it needs to be of outstanding use and also to satisfy to at least one of the following criteria:
a)  it should contain evidence of rights and obligations of Kent County Council; 
b)  it should contain important information not summarised elsewhere, or be a useful 
summary; 
c)  it should approach a subject from a different angle to other records; 
d)  it should reveal how decisions were reached;
e)  it may relate to a subject so important that any background information needs to be 
retained. 
 
Minutes and reports to committees may well be a relatively polished and anodyne version of a 
complex series of events. A more accurate picture may be given by the minutes of working parties 
or steering groups of officers. As a general rule the minutes of working parties and steering groups 
do not appear in full in the meeting papers, but are often summarised.
 
In addition to satisfying the criteria outlined in a-e, files retained for permanent preservation should 
relate to one or more of the following: 
a)  people or events of importance to Kent County Council, and information essential for an 
understanding of the development and organisation of Kent County Council;
b)  people, events, developments or trends of particular significance to national or local 
history; 
c)  major policies adopted by Kent County Council;
d)  major developments in the organisation of Kent Council, i.e. major restructuring;
e)  events, developments or trends unique to Kent County Council or the administrative 
county of Kent; 
f)  events, items or decisions which could cause major problems in the future, e.g. nuclear 
power stations; 
g)  precedents of major importance which may influence future actions or decisions.
 
Records relating to rights and obligations may need to be kept even if they do not relate to any of 
the subjects outlined in a-g. Legal Records will deal with the majority of these records. 
 
Records will not be kept if they are duplicated among records or information held elsewhere. 
These records may include: 
  central government records, e.g. Home Office circulars; 
  records of other local government bodies; 
  records of other bodies and associations; 
  newspapers – local and national; 
  publications; 
  records of non-governmental organisations where Kent County Council is not the lead 
partner. 
 
82 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Unless the records outlined above provide a vital link in a series of records created by Kent 
County Council, it will be policy to allow the parent organisation to take responsibility for keeping 
their own records. 
 
Where possible duplicate information retained by different directorates will be weeded out so that 
one principal set of the information is retained. 
 
Useful Contacts and Resources 
 
Useful Contacts 
 
Corporate Records Manager 
 
 
 
 
 
 
Elizabeth Barber 
 
03000 415812 
xxxxxxxxx.xxxxxx@xxxx.xxx.xx 
 
Records Management Service 
03000 411802  
xxxxxxxxxxxxxxxxxxxxxxxx@xxxx.xxx.xx
 
 
 
Information Resilience & Transparency Team 
 
03000 415700  
xxxxxxxxxxxxxxxxxxxxx@xxxx.xxx.xx 
 
Service Manager - Archives and Local History  
Sarah Stanley 
 
03000 414943 
sarah.stanley@ Kent.gov.uk 
 
Heritage Services Manager 
Dr Mark Bateson 
 
03000 414852 
xxxx.xxxxxxx@xxxx.xxx.xx 
 
 
 
 
 
 
 
 
Resources 
 
Records Management Policy - This can be found on KNET at  
http://knet/ourcouncil/Key-documents/Documents/Records management policy.doc  
 
Protective Marking Policy - This can be found on KNET at 
 
http://knet/ourcouncil/Pages/protective-marking.aspx 
 
Corporate Retention Schedule - Currently the corporate retention schedule is held in MSExcel format and 
can be found KNET at  
http://knet/ourcouncil/Documents/Retention schedule.xlsx  
 
Management Guide 5 - Information Governance 

http://knet/ourcouncil/Management-guides/Pages/MG5-information-governance.aspx  
 
General Data Protection Regulations 2016 and the Data Protection Act 2018 – Link to legislation
:  
http://data.consilium.europa.eu/doc/document/ST-5419-2016-INIT/en/pdf 
 
Freedom of Information Act 2000 – Link to legislation:  
http://www.legislation.gov.uk/ukpga/2000/36/contents 
 
Lord Chancellor’s Code of Practice on the management of records issued under section 46 of the 
Freedom of Information Act 2000 
 
 
Information Governance KNet pages : http://knet/ourcouncil/Pages/information-governance.aspx 
 
Information Commissioners Office website: www.ico.org.uk  
83 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
GLOSSARY OF TERMS 
 
Business Critical Information 
See 7.1.3
Business Critical Record 
See 7.1.3
Corporate Records Manager 
The Corporate Records Manager is responsible for implementing Kent County Council’s Records 
Management Programme, ensuring that the Authority is compliant with the Freedom of Information Act 2000, 
General Data Protection Regulations 2016 and the Data Protection Act 2018 and other records management 
codes of practice.
Digital Records/Information 
Digital records/information include audio, video, images and documents which exist in computer readable 
format. Also known as electronic records/information.
Disclosure 
The release of information or data to a third party or individual.
Information Asset 
An information asset is a body of information, defined and managed as a single unit, so that it can be 
understood, shared, protected and exploited effectively. Information assets have recognisable and 
manageable values, risks, contents and lifecycles.
Information Asset Owner 
The Information Asset Owner (IAO) is a mandated role41, and individuals appointed as IAOs are responsible 
for ensuring that specific information assets are handled and managed appropriately. This means making 
sure that information assets are properly protected and that their value to the Council is fully exploited. It is 
the responsibility of IAOs to agree performance metrics for the information assets which are assigned to 
them, and to report on these performance metrics to the SIRO.
Corporate Information Asset 
A list of all the information assets owned by Kent County Council. This includes an inventory of all the 
Register (CIAR)
information sets which are created and managed by individual service units.
Evidential Value
Documents or data that are acceptable as evidence in legal proceedings.
Information Asset Surveys 
Information asset survey is the term used in Kent County Council for information audits. 
Information Set
An information set will be a subset of the Information Asset Register and is recorded in the inventory. 
Information/Data/Records 
These terms are used interchangeably 
Information Security 
The management of appropriate technical and organisational measures to protect personal information and 
other information of value to the business.
Information System
Any system, digital, paper or hybrid that processes information.
Metadata 
Metadata provides information about the content of the item. This may include the name of the author, date 
of creation, summary of content, size of document and key search terms.
 
41 The role of Information Asset Owner is mandated in the "Data Handling Procedures in Government: Final Report" (June 2008) for personal information and in the "Local 
Government Data Handling Guidelines" (November 2008) 
84 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Non Business Critical 
See section 7.1.4 
Information 
Physical  

The term physical is used to describe paper and microform formats
Principal Record 
Principal records consist of the master set of documents which will make up the record of any transaction in 
the organisation. Groups of documents will include contract documentation, project documentation, financial 
records, personnel records, records of meeting amongst others. The principal set of records will be the ones 
used to protect the organisation’s liability in any future legal action or complaint. The principal set of records 
will be the ones used to protect the organisation’s liability in any future legal action or complaint.
Principal Record Keeper 
The person or team who hold the principal record is called the principal record keeper. It is the responsibility 
of the Principal Record Keeper to ensure that the “principal” record is managed properly and passed over in 
line with the retention periods laid out in the corporate retention schedule.
SIRO 
SIRO stands for Senior Information Risk Owner. The responsibilities of the SIRO are as follows: 
  To oversee the development of an Information Risk Policy, and  a Strategy for implementing the policy 
within the existing Information Governance Framework.  
  To  take  ownership  of  the  risk  assessment  process  for  information  risk,  including  review  of  the  annual 
information risk assessment to support and inform the Statement of Internal Control.  
  To review and agree an action plan in respect of identified information risks.  
  To  ensure  that  the  organisation’s  approach  to  information  risk  is  effective  in  terms  of  resource, 
commitment and execution and that this is communicated to all staff.  
  To provide a focal point for the resolution and/or discussion of information risk issues.  
  To ensure the Board is adequately briefed on information risk issues.  
  To Appoint Information Asset Owners.
85 | P a g e  
 

Information Management Manual Version 3.2: January 2020 
 
Amendments made in version 3.1  
 
1.  All references to Data Protection Act 1998 replaced with General Data Protection Regulations 
2016 
 
2.  Section 9.1: Text “fifth data protection principle (Data Protection Act 1998)” replaced with “Article 5 
section 1e of the General Data Protection Regulations 2016” 
 
3.  The following text was added to end of Section 9.5: “If you need to dispose of CDs or DVDs 
please log a call with ICT who will arrange for thse to be removed. If this is not a workable solution 
in your circumstances, please contact the IR&T team for further advice.” 
 
Amendments made in version 3.2 
 
1  All references to General Data Protection Regulations 2016 replaced with General Data 
Protection Regulations 2016 and the Data Protection Act 2018 
 
2  p19 Text replaced with:
  OFFICIAL 
This is the default classification for all non-sensitive information. It may be used for 
routine internal communications such as reports or papers at the author’s discretion. It 
must however be used on formal documents sent to other public services or agencies.
   
 
This category can also be used for information which is politically or commercially 
sensitive. If OFFICIAL is used in this context the information must not be forwarded 
without the permission of the originator. 
 
3  p19 Footnote added to “originator”: This is so that the category Official Sensitive can be 
reserved to mark personal information only. 
 
4  p32: Link to retention schedule updated 
 
5  p31: Text “an information security breach” replaced with “a data breach” 
 
  p31: Text replaced with:
  All the information which you need to report a data breach can be found on KNET at 
 
https://kentcountycouncil.sharepoint.com/sites/KNet/_layouts/15/Doc.aspx?sourcedoc=
%7B23A04343-0CF8-4BD1-B06B-
1DA02CA71E53%7D&file=Data%20Breach%20Policy.docx&action=default&mobileredir
ect=true&DefaultItemOpen=1 
 
6  p67: Text “If confidential documents are left unattended on a desk overnight, this must be 
reported as an information security breach. [see Information Security Policy]” removed 
 
 
 
 
 
 
 
86 | P a g e