Why and when you should destroy corporate records?

May 3, 2012

Data privacy words

What records to destroy can be a bit of a mine field as different types of documents need to be kept for different periods.

Why, is a lot easier to answer!  The Seventh Principal of the Data Protection Act states that you MUST employ a data destruction service to destroy redundant confidential information that can be either in paper or electronic format. This means that destroying them yourselves is not allowed and is illegal!

The information Commissioners Office (ICO) has raised its fine from £5000 to £500,000 for breach of this rule or loss of confidential data.  That is a fine you do not want to take lightly.

So this comes back to: when must you destroy your data? The Act states that you must keep it for no longer than necessary. Nice and clear?  Not really!

Here is a quick guide from what we have been able to establish, however it is a guide and we would suggest you get professional advice if at all concerned:

  1. Tax records: Six years after the current tax year
  2. Employment records: Seven years after the employee has left
  3. Banking: Six years
  4. Contracts/leases: Indefinitely
  5. Old suppliers records: Six years

So to summarise: Any data held by your company must be destroyed by a third party company with proof of such and you must not keep it for any longer than necessary, but do not destroy it before its time others you may have serious consequences to pay, and no one wants those sort of hassles!