Skip to main content

Digital obsolescence and data preservation policy

Contents

1 Introduction

Rotherham, Doncaster and South Humber NHS Foundation Trust (hereafter referred to as ‘the trust’) collects and maintains substantial amounts of digital information regarding patients and the trust’s operations. The information that the trust collects and maintains is used constantly to facilitate the wellbeing of patients and colleagues, and to maintain the trust’s operations. Therefore, it is essential that digital information can be managed in a way that will ensure the effective long-term use of the data.

This policy describes how to manage, preserve and, where no longer necessary, destroy digital information and data processed by the trust, in accordance with the Data Protection Act (DPA) 2018. It provides a high-level overarching framework, within which colleagues are expected to conduct their day to-day activities and outlines how the trust is expected to manage its information.

2 Purpose

The purpose of this policy is to ensure that the trust’s digital resources will remain authentic and accessible in the future to anyone who needs them. To do so it must counter the threats of rapid technological obsolescence and the inherent fragility of digital media, by providing mechanisms to identify and predict the impacts of those threats to its resources, and to plan and execute appropriate preservation strategies to mitigate these impacts.

3 Scope

This policy relates to information resources held by or on behalf of the trust in digital form. These can be categorised as follows:

  • ‘born-digital’ resources, which were created and managed electronically for business purposes
  • ‘made-digital’ resources which were created in non-digital form but have been subsequently converted to digital form
  • ‘remade’ digital resources. These were created digitally, have been managed in non-digital form for business purposes (for example, under a ‘print to paper’ policy), but have been subsequently re-digitised for business, preservation or access purposes

Data can be created in two common methods:

  • software or hardware
  • a physical format, for example, a paper document or photographic techniques

Preservation spans the full lifetime of data. Different formats will have different life spans. For example, the longevity of a compact disc (CD) will be affected by disc rot (oxidation of reflective layer) and UV light exposure over time. At the end of this lifetime, data and the resource upon which it is stored should be securely removed, destroyed or overwritten.

This policy will be reviewed every two years or in response to significant changes due to security incidents, variations of law and or changes to organisational or technical infrastructure.

In the event of a national health emergency such as the COVID-19 pandemic, this policy still applies, unless it is superseded by specific clauses mandated by the trust’s business continuity policy.

Responsibilities, accountabilities and duties

This policy applies to all those working for the trust in whatever capacity, including the trust’s employees, volunteers, students, temporary workers, contractors, suppliers and third parties (hereafter referred to as employees). Third parties and suppliers are expected to follow this approach unless specifically excluded or where conditions have been applied within the procurement and contract management process.

A failure to follow the requirements of this policy may result in investigation and management action being taken as considered appropriate. This may include formal action in line with the trust’s disciplinary or capability procedures for trust colleagues; and other action in relation to other workers, which may result in the termination of an assignment, placement, secondment, honorary arrangement or contract for services. Additionally, failure to follow the requirements of the policy may result in a breach of the law or a criminal offence.

5 Procedure or implementation

Terminology
Term Definition
Shall This term is used to state a mandatory requirement of this policy
Should This term is used to state a recommended requirement of this policy
May This term is used to state an operational requirement of this policy

While digital technology continues to evolve, there is an ongoing requirement for the trust to access and use the data and information held upon its systems and devices, as well as information processed through or held on its behalf by third parties. The trust shall carry out audits to ensure that its digital resources follow principles that, in turn, ensure that digital records are, and remain, trustworthy and accessible against the following criteria:

  • authenticity, the trust shall carry out regular audits to ensure that digital records have not been subject to unauthorised or accidental alteration, corruption or loss
  • integrity, the trust shall maintain a thorough audit trail of actions that have been carried out through the lifecycle of a digital record
  • reliability, all archival processes and procedures undertaken to preserve digital records shall be fully documented and subject to audit
  • usability, the trust shall preserve digital records held in line with best practice and provide sufficient metadata to allow the records to be located, retrieved and interpreted

Record creators should consider the preservation of digital content at the point of its creation. This is to ensure that records, deemed sufficient in value to be preserved for the long term, are created in a manner that will facilitate their preservation. Further details on record retention and destruction, including timescales, can be found in the records retention and destruction policy.

The information shall be allocated to an Information asset owner (IAO) who shall be responsible for its appropriate handling in keeping with the information handling and classification policy, and for ensuring that it is only accessed by authorised personnel.

Digital files to be preserved shall be managed within structured, secured, dedicated folders on local and corporate servers.

The infrastructure required for digital preservation shall be sustainable for as long as there is a need for the digital resources it manages.

Full back-up routines shall be implemented to provide disaster recovery capability.

On occasion, the use of removable media may be necessary for record retention and storage. If removable media is required to be used, gold coated CD-R and DVD-Rs or Ultrium magnetic tape cartridges shall be used and stored in an appropriate environment. In addition, the following criteria when using removable media shall be met:

  • removable media shall be checked annually for signs of physical deterioration and technical obsolescence
  • migration to new removable media shall be carried out where necessary to ensure continuing access to the digital files
  • all removable media shall be used in accordance with the acceptable use policy

Appraisal and selection of digital records that are intended to be managed and preserved shall comply with the trust’s records management policy and be undertaken in consultation with the relevant IAO and the information governance manager (IGM).

At the point of accession into the archive, digital records shall be properly screened and documented to ensure the ‘chain of custody’ is maintained, the records retain authenticity, and that the digital preservation process begins with good quality data and metadata. To achieve this, the trust shall:

  • quarantine records prior to accession into archives and conduct anti-virus checks to ensure the incoming digital records should pose no threat to the integrity of other records
  • identify, characterise and validate file formats
  • gather appropriate descriptive, administrative and preservation metadata
  • conduct fixity checks to ensure the authenticity of accessioned records
  • generate a ‘preservation’ and ‘access’ copy of the original

The trust shall ensure that the physical infrastructure and IT systems required to store and manage its digital archive is protected from accidental or deliberate damage in accordance with the physical environmental information security policy.

The deletion of digital resources and metadata shall only be allowed under controlled and authorised circumstances. Essentially, all devices and media that are to be retired from the trust’s use should be securely removed, destroyed, or overwritten.

It is important to bear in mind that one of the key principles of the DPA or general data protection regulation (GDPR) prohibits the retention of personal data for longer than is necessary. While there are always minimum periods for which records must be retained, there may be occasions when records need to be kept for longer. Recommended minimum lengths of retention of medical records may be found in the advice given in the Information Records Management Code of Practice 2021.

The recommendations apply irrespective of the form in which records are held. Record holders are under a legal and ethical obligation to maintain records safely and securely.

Although the definition of ‘necessary’ will vary, where a decision is made to retain records for longer than the periods advised by this guidance, it is important that this is supported by explicit reasons, which should ordinarily be recorded in the records, and signed off by the senior information risk owner (SIRO) in accordance with the information governance policy.

The trust shall conduct preservation planning to monitor the technological, financial, legislative and institutional environment and mitigate the risks of change to the accessibility of digital records. The trust shall carry out preservation planning in accordance with guidance provided by NHS digital, the national cyber security centre (NCSC) and other relevant government authorities or applicable legislation.

Risk assessment, regular risk assessments shall be undertaken on the trust’s digital records to determine the level of preservation action required.

Impact assessment, the trust shall prioritise the actions it needs to take in accordance with external changes in the technology landscape, and in keeping with the risk appetite established by the board. This is set out in the Information risk management policy.

6 Training implications

6.1 All employees DSA

  • How often should this be undertaken: Upon commencement of employment and annually thereafter.
  • Length of training: 1 and a half hours.
  • Delivery method: E-learning or face to face.
  • Training delivered by whom: IG or NHS digital e-learning package.
  • Where are the records of attendance held: ESR.

7 Monitoring arrangements

7.1 Policy

  • How: Review of best practice against the policy will be undertaken annually through auditing.
  • Who by: Head of information governance.
  • Reported to: Information governance group and health informatics group.
  • Frequency: Annually.

8 Equality impact assessment screening

To access the equality impact assessment for this policy, please email rdash.equalityanddiversity@nhs.net to request the document.

8.1 Privacy, dignity and respect

The NHS Constitution states that all patients should feel that their privacy and dignity are respected while they are in hospital. High Quality Care for All (2008), Lord Darzi’s review of the NHS, identifies the need to organise care around the individual, ‘not just clinically but in terms of dignity and respect’.

As a consequence the trust is required to articulate its intent to deliver care with privacy and dignity that treats all service users with respect. Therefore, all procedural documents will be considered, if relevant, to reflect the requirement to treat everyone with privacy, dignity and respect, (when appropriate this should also include how same sex accommodation is provided).

8.1.1 How this will be met

No issues have been identified in relation to this policy.

8.2 Mental Capacity Act 2005

Central to any aspect of care delivered to adults and young people aged 16 years or over will be the consideration of the individuals’ capacity to participate in the decision-making process. Consequently, no intervention should be carried out without either the individual’s informed consent, or the powers included in a legal framework, or by order of the court.

Therefore, the trust is required to make sure that all colleagues working with individuals who use our service are familiar with the provisions within the Mental Capacity Act. For this reason all procedural documents will be considered, if relevant to reflect the provisions of the Mental Capacity Act 2005 to ensure that the rights of individual are protected and they are supported to make their own decisions where possible and that any decisions made on their behalf when they lack capacity are made in their best interests and least restrictive of their rights and freedoms.

8.2.1 How this will be met

All individuals involved in the implementation of this policy should do so in accordance with the Principles of the Mental Capacity Act 2005.

10 References

  • Data Protection Act 2018.
  • UK General Data Protection Regulations 2018.
  • National Cyber Security Centre (NCSC).

Document control

  • Version: 2.1.
  • Unique reference number: 604.
  • Date approved: 15 January 2024.
  • Approved by: Corporate policy approval group.
  • Name of originator or author: Head of IG or DPO.
  • Name of responsible individual: Director of health informatics or SIRO.
  • Date issued: 16 January 2024.
  • Review date: 31 August 2026.
  • Target audience: All employees.

Page last reviewed: September 13, 2024
Next review due: September 13, 2025

Problem with this page?

Please tell us about any problems you have found with this web page.

Do not include personal or medical information in your message. For example, your name, NHS number, date of birth or medical history.