Skip to main content

Destruction of patient records procedure

Contents

1 Aim

The purpose of this standard operating procedure is to establish a sound legal framework and consistent practice across all trust services in the destruction and deletion of patient records compliant with the NHS Records Management Code of Practice.

2 Scope

This standard operating procedure (SOP) applies to all colleagues working within the trust, whether employed by the trust or not; who are involved in handling patient information.

This SOP covers both paper and electronic records.

3 Links to any other associated documents

4 Procedure or implementation

On an annual basis the information governance manager will pull reports from the clinical record systems which will detail records due for deletion in line with the records management code of practice.

A match of these records can then take place with any records that are offsite.

All records that are 3 years past discharge date or deceased persons should be stored at offsite storage facility and therefore this process should capture all records without the need to search for records that meet destruction criteria onsite.

Each care group or corporate service will then be responsible for helping the records management coordinator check and authorise that the records can be destroyed.

All patient files should be held at file level, therefore staff members will be able to see individual names, NHS numbers etc. and the file can be reviewed without it leaving the box at offsite storage.

If further information is needed from within the actual file, the file can be retrieved.  When retrieved, if it is decided that the file will be destroyed, the barcodes of each file should be sent through to the information governance and data protection department to allow the data to be permanently removed from the offsite storage database and once destruction has been authorised destroy these, using the confidential waste bags.

There will be records at offsite that will not exist on the electronic clinical information systems. These will be dealt with separately as they will need to be retrieved and retained from the last date within the paper record.

On the report there will be columns that state the following:

  • date discharged
  • date reviewed
  • reviewed by
  • action:
    • retain (still within retention period)
    • retrieve (current record needs to be merged)
    • destroy (past retention period)
  • destroy date
  • where to be destroyed
    • offsite
    • locally
    • not applicable
  • next review date:
    • review in 1 year
    • review in 5 years
    • review in 10 years
    • not applicable
  • reason to retain:
    • current patient, records not required for current care
    • current patient, records to be retrieved
    • overwhelming public interest
    • historical interest
    • potential claim
    • industrial or hazardous exposure (asbestos or radiation and so on.)
    • major public health exposure or serious
    • notifiable illnesses (Ebola, Yellow fever and so on.)
    • other (please comment)
  • authorisation (head of service)
  • IG manager who authorised offsite storage
  • IG manager who authorised local destruction
  • actual destruction date

All records must be checked for any further requirement to retain, such as:  Serious Incidents which extend a deceased file by an extra 2 years.

All files must be reviewed, and the above data selected per line of record.

Once complete, the report must be emailed to the correct service manager. The service manager must then check the report and the actions stated, then forward the email to rdash.recordsmanagement@nhs.net and advise they authorise actions to be undertaken.

Notification will be sent to the Caldicott guardian that records are due to be destroyed.  This will be brought to the information governance group to check the full destruction process has been followed.

Once authorised by the Caldicott guardian and the Information governance group, the information governance manager will ask for approved records that meet the criteria and are remaining at offsite to be destroyed and for the Clinical Systems team to delete the entry on the clinical information system.

The Clinical Systems team will keep a database holding skeleton entries to allow us to know that a person has been known to the trust. Skeleton data will consist of NHS number, name, DOB and the dates when they were a patient.

The returns created by the service manager will be compiled and treated as the destruction register and will be held with the Clinical Systems team overseen.

Once the approved records have been destroyed or deleted, they will not be able to be recovered as this action is permanent.

In the event that some records need to be kept, a review date must be applied. They will then be reviewed when the next appropriate annual destruction criterion is met. Not applicable must only be selected on the report if the file is due for destruction in the report. All files must have a review date or a destruction date.

Records may be retained past their destruction date provided that there is business reason to do so. A list of reasons to retain is given and must be selected. There is an option for ‘other’ however a comment must be given and these must be suitable business reasons.  If the reasons are not satisfactory, these will be questioned by the information governance manager.

A review must be undertaken after a set period of years to consider whether the data held under the Data Protection Act 2018 is still relevant to the trust.

5 Appendices

5.1 Appendix A

  1. Information governance manager sends out a list to the records management coordinators.
  2. Records management coordinators work with corporate services or care groups to review records.

5.1.1 Box level records

  1. Ask the information governance manager for boxes to be placed on file level and an inventory sent to you.
  2. Once inventory received follow file level workflow.

5.1.2 File level records

  1. Review record.
  2. Fill out the spread sheet with the action for each record.
  3. Authorise by AD and Return to rdash.recordsmanagement@nhs.net.
  4. Authorise by Caldicott guardian and IG group.
  5. Send request to Clinical Systems team and offsite storage to delete or destroy.

Document control

  • Version: 3.
  • Unique reference number: 329.
  • Approved by: Corporate policy approval group.
  • Date approved: 5 December 2023.
  • Name of originator or author: Head of information governance or DPO.
  • Name of responsible individual: Director of health informatics.
  • Date issued: 14 December 2023.
  • Review date: 31 December 2026.
  • Target audience: All trust staff.

Page last reviewed: October 11, 2024
Next review due: October 11, 2025

Problem with this page?

Please tell us about any problems you have found with this web page.

Do not include personal or medical information in your message. For example, your name, NHS number, date of birth or medical history.