Quickly exit this site by pressing the Escape key Leave this site
We use some essential cookies to make our website work. We’d like to set additional cookies so we can remember your preferences and understand how you use our site.
You can manage your preferences and cookie settings at any time by clicking on “Customise Cookies” below. For more information on how we use cookies, please see our Cookies notice.
Your cookie preferences have been saved. You can update your cookie settings at any time on the cookies page.
Your cookie preferences have been saved. You can update your cookie settings at any time on the cookies page.
Sorry, there was a technical problem. Please try again.
This site is a beta, which means it's a work in progress and we'll be adding more to it over the next few weeks. Your feedback helps us make things better, so please let us know what you think.
1.1 Minor amendments were made to this procedure in August 2023 to paragraphs 2.6 and 9.0 replacing references to Management of Police Information with Police Information and Records Management Code of Practice.
2.1 Records are defined as ‘information created, received and maintained as evidence and/or information by an organisation or person, in pursuance of legal obligations or in the transaction of business’ (BS/ISO 15489). A record should correctly reflect what was decided or what action was taken and should display characteristics of authenticity, reliability, integrity and usability, as described below.
2.2 Completed application forms, letters, invoices and hard-copy ledgers are all documents. They are also records, since each of them provides evidence of activity. Blank forms are also documents, but they are not records. The form can become a record if it is completed and transmitted to initiate some action. Until then it is a document but not record, because it has not participated in a business activity.
2.3 Although not an exhaustive list, examples of items that can constitute records include:
2.4 This procedure/SOP therefore applies to the management of records in all technical or physical formats or media, created or received by Essex Police or Kent Police.
2.5 The purpose of this procedure/SOP is to ensure that all Essex Police and Kent Police officers and staff, and other users of the forces’ records (hereafter termed ‘users’), understand what they must do to protect and manage the forces’ records effectively and efficiently.
2.6 In managing their records, Essex Police and Kent Police will comply with all relevant legislation and guidance, including the Public Enquiries Act, the General Data Protection Regulations (GDPR) and the Police Information and Records Management Code of Practice.
2.7 Essex Police and Kent Police are the owners of all records created by employees in the course of carrying out the forces’ business related activities. This also applies to contractors/consultants/agents working on behalf of the forces. Individual employees do not own records but they do have responsibilities for managing records as an integral part of their jobs.
3.1 Records creation
3.1.1 Responsibility for the management of records created by each LPA/division/department will be owned by the relevant information asset owner (IAO). Management includes, but is not limited to, review, retention, destruction, access, storage and security.
3.1.2 The information asset owner may delegate some or all elements of their records management responsibility to the forces records manager, an asset information assistant or any other person. This must be documented and recorded so that those who are responsible can be readily identified.
3.1.3 It is the responsibility of the information asset owner to ensure that the storage location of any physical or digital records is appropriate and secure. The location of such records must be included on the force’s Asset Register, and it is the responsibility of the information asset owner to ensure that any changes are updated on the Asset Register.
3.1.4. Each IAO will apply the appropriate security classifications to their records, following policy W1006 In classifying information, IAOs must consider the threats to police information and the impact of a loss or breach of those records.
3.1.5 Each IAO will analyse business functions to aid development of classifications and filing structures (e.g. file plans). All unstructured electronic records e.g. Word, Excel, PowerPoint and email will be stored in this filing structure using the appropriate records naming conventions, version control and applying indexing information.
3.1.6 Each IAO will be responsible for determining the criteria for maintaining successive versions of records and document this.
3.1.7 The function of an index is to provide the user with a means of tracing information. Each IAO will be responsible for identifying and documenting the indexing required for records.
3.1.8 Everyone who creates or receives records has a responsibility to follow the Essex Police and Kent Police records management procedures.
3.2 Records storage and handling
3.2.1 IAOs will maintain clear responsibility for the information assets that they own (see W1005 procedure/SOP – Information Asset Owners, for a description of those responsibilities). IAOs must be aware of their records management responsibilities under data protection, freedom of information legislation and the College of Policing’s Authorised Professional Practice on information management; and be monitoring compliance with these obligations. IAOs must inform the senior information risk owners (SIROs) of the risks to the forces’ information.
3.2.2 Records require storage conditions and handling processes that take into account their specific physical properties. Storage conditions and handling processes should be designed to protect records from unauthorised access, dilapidation, loss or destruction and from theft and disaster.
3.2.3 Records should be stored on media that ensure their usability, reliability, authenticity and preservation for as long as they are needed. Migration to different software or storage medium may be required. Where a migration occurs, evidence of this should be kept, along with details of any variation in records design and format which occur in the process.
3.2.4 IAOs will determine how records need to be protected from unauthorised access, dilapidation, loss, destruction, theft and disaster and will apply the appropriate protective measures.
3.2.5 The movement of records should be documented to ensure that items can always be located when required. Each IAO will determine the level of tracking mechanisms required for records and will record the item identifier, the title, the person having possession of the item and the time/date of movement.
3.2.6 In order to provide an audit trail, the system should track the issue, transfer between persons and return of records to their ‘home’ location or storage as well as their disposition or transfer between LPAs/divisions/departments or authorised external organisations including an external store or archive.
3.3. Archived records
3.3.1 Each force has a records manager who will facilitate the storage and recall of all archived records in each force.
3.3.2 When a record is identified as being suitable for archiving, it must be submitted in line with the current policies of each respective force. If you are unsure of your obligations, please contact your relevant Records Manager.
4.1 This procedure/SOP has been assessed with regard to an EIA. As a result of this assessment it has been graded as having a low potential impact as the proposals in this procedure/SOP would have no potential or actual differential impact on grounds of age, sex, disability, race, religion or belief, marriage and civil partnership, sexual orientation, gender reassignment and pregnancy and maternity.
5.1 There is an overall risk concerning the use and management of Essex Police and Kent Police information. Advice and guidance relating to the assessment of risk is contained within the individual procedures. The Corporate Risk Register will contain any risks in relation to information security.
6.1 The following were included in the consultation during the formulation of this document:
7.1 The records manager will be responsible for ensuring that the procedure/SOP will remain current in line with HMG and ACPO policy.
7.2 This procedure/SOP will be reviewed by or on behalf of the forces’ SIROs every year.
8.1 Data security
8.1.1 Essex Police and Kent Police have measures in place to protect the security of your data in accordance with our Information Management policy.
8.2 Retention and disposal of records
8.2.1 Essex Police and Kent Police will hold data in accordance with our Records Review, Retention and Disposal policy.
8.2.2 We will only hold data for as long as necessary for the purposes for which we collected.
Policy reference: Records management (physical and digital) SOP (W1010)
Contact point: The Senior Information Risk Owners (SIROs)
Date last reviewed: August 2023
If you require any further information or to request any documentation referenced within the policy please email [email protected]. For general enquiries, contact us.