If you have completed your UK GDPR training you will be aware that a key principle of the Regulations is Storage Limitation – which means you must not keep personal data for longer than you need it. Below are some reminders for all staff to ensure you are complying with this important principle:
- You should periodically review the personal data you hold, and erase or anonymise it when you no longer need it.
- Where possible only process information in S/H Drives or the One Drive while it is live – then save it to case management systems to ensure it is erased when it reaches its retention period.
- All teams should have UK GDPR as an agenda item at their meetings to discuss and implement appropriate measures to ensure compliance.
If you are not sure and you would like to discuss how long personal data should be held for and helpful tips to guarantee it will not be held for longer than it should be, please contact Kate Butcher Deputy Data Protection Officer, for advice and guidance.