Part of Records and document management policy
Why we need this policy
NHS Digital creates, receives, and manages a wealth of information in a variety of formats. We all rely on information to help us work effectively and to build our corporate knowledge base for ourselves and NHS Digital. Therefore, effective records and document management will help ensure that correct, accurate and up-to- date information is easily available to the appropriate people, when needed, in a way that is legally compliant.
The correct management of records and documents is a legal compliance matter under but not limited to the following legislation:
- Public Records Act 1958
- Data Protection Act 2018
- General Data Protection Regulation 2016 (GDPR UK)
- Freedom of Information Act 2000 (FOIA)
For example, records containing personal data are susceptible to personal data breaches. To minimise the risk, in line with GDPR, do not keep information beyond the business need to hold it. See Legal obligations.
This Records and Document Management Policy underpins effective decision making, good governance, transparency, and accountability in the management of NHS Digital’s business information.
Last edited: 13 October 2022 2:05 pm