Scottish Government Records Management: NHS Code Of Practice (Scotland) Version 2.1 January 2012

SECTION 3 - NHS RECORDS MANAGEMENT AND INFORMATION LIFECYCLE

28. Records and information are considered to have a "lifecycle" from creation or receipt in the organisation, throughout the period of its 'active' use, then into the period of 'inactive' retention, (such as closed files which may still be required occasionally for reference purposes) and then finally to either confidential disposal or (for a very small proportion) permanent preservation in an archival facility.

29. A similar "information lifecycle" approach applies to managing the flow of an information system's data and associated metadata, from creation and initial storage to the time when it becomes obsolete and is deleted.

Roles and Responsibilities for Records Management and Organisational Responsibility

30. Effective records managements allows NHS organisations to provide and maintain a high level of service to patients and clinicians, in terms of accuracy, security, confidentiality, privacy, and integrity. Adherence to this code of practice will support organisations to act in accordance with legal requirements, standards, evidence based practice and professional work practice.

31. The records management function should be recognised as a specific corporate responsibility within every NHS organisation. It should provide a managerial focus for records of all types in all formats, including electronic records, throughout their lifecycle, from planning and creation through to ultimate disposal. It should have clearly defined responsibilities and objectives, and necessary resources to achieve them.

32. Designated members of staff of appropriate seniority ( i.e. Board level or reporting directly to a Board member) should have lead responsibility for corporate and health records management within the organisation. The model within each Health Board may differ dependent on local accountability. This lead role should be formally acknowledged and made widely known throughout the organisation.

33. The manager, or managers, responsible for the records management function should be directly accountable to, or work in close association with, the manager or managers responsible for Freedom of Information, Data Protection and other information governance issues as well as the Medical Director who is operationally accountable for the quality of clinical information contained within personal health records in the organisation.

Roles

The NHS Board: is responsible for ensuring that it corporately meets its legal responsibilities, and for the adoption of internal and external governance requirements.

The Chief Executive: has overall responsibility for records management in the NHS Board. As accountable officer he/she is responsible for the management of the organisation and for ensuring appropriate mechanisms are in place to support service delivery and continuity. Records Management is key to this as it will ensure appropriate, accurate information is available whenever required.

The Caldicott Guardian: has a particular responsibility for reflecting patients' interests regarding the use of patient identifiable information. They are responsible for ensuring patient identifiable information is shared in an appropriate and secure manner.

The Health Records Manager: is responsible for the overall development and maintenance of health records management practices throughout the organisation. They have particular responsibility for drafting guidance to support good records management practice in relation to clinical records and for promoting compliance with this Records Management Code of Practice, in such a way as to ensure the efficient, safe, appropriate and timely retrieval of patient information.

The Corporate Records Manager: is responsible for the overall development and maintenance of corporate and administrative records management practices throughout the organisation. They have particular responsibility for drafting guidance to support good records management practice (other than for clinical records) and for promoting compliance with this Records Management Code of Practice.

Local Records Management Co-ordinators:

The responsibility for records management at directorate or departmental level is devolved to the relevant directors, directorate and departmental managers. Senior managers of units and business functions within the NHS Board have overall responsibility for the management of records generated by their activities in compliance with the NHS Board's records management policy. Local Records Management Co-ordinators may be designated to support the Health and Corporate Records Manager(s) to oversee local implementation and compliance.

All Staff:

All NHS staff , whether clinical or administrative, who create, receive and use documents and records have records management responsibilities. All staff should ensure that they keep appropriate records of their work and manage those records in keeping with the Records Management Code of Practice and the relevant policies and guidance within their Board.

Training

34. All staff, whether clinical or administrative, should be appropriately trained so that they are fully aware of their personal responsibilities as individuals with respect to record keeping and management, and that they are competent to carry out their designated duties. This should include training for staff in the use of electronic records systems, where appropriate. It should be done through both generic and specific training programmes, complemented by organisational policies and procedures and guidance documentation. For example, Health Records Managers who have lead responsibility for personal health records and the operational processes associated with the provision of a comprehensive health record service should have up-to-date knowledge of, or access to expert advice on, the laws, guidelines, standards and best practice relating to records management and informatics.

35. NHSScotland, working closely with a number of NHS boards, has developed training based on the Institute of Health Records & Information Management's ( IHRIM) Certificates of Technical Competence ( CTC) framework. Training materials, candidate work books, trainer manuals and presentations have been developed to support candidates undertaking the course. These are available via on the Knowledge Network and at the NHS Education Scotland Admin Centre portal.

Policy and Strategy

36. Each NHS organisation should have in place an overall policy statement, endorsed by the Board and made readily available to staff at all levels of the organisation on induction and through regular update training, on how it manages all of its records, including electronic records.

37. The policy statement should provide a mandate for the performance of all records and information management functions. In particular, it should set out an organisation's commitment to create, keep and manage records and document its principal activities in this respect.

38. The policy should also:

• outline the purpose of records management within the organisation, and its relationship to the organisation's overall strategy;
• define roles and responsibilities within the organisation including the responsibility of individual NHS staff to document their actions and decisions in the organisation's records, and to dispose of records appropriately when they are no longer required;
• define roles, responsibilities and procedures for safe transfer, storage or confidential disposal of records when staff leave an organisation, or when NHS Board premises are being decommissioned;
• define the process of managing records throughout their lifecycle, from their creation, usage, maintenance and storage to their ultimate destruction or permanent preservation;
• provide a framework for supporting standards, procedures and guidelines; and
• indicate the way in which compliance with the policy and its supporting standards, procedures and guidelines will be monitored and maintained.

39. The policy statement should be reviewed at regular intervals (a minimum of once every 3 years or sooner if new legislation, codes of practice or national standards are introduced) and, if appropriate, it should be amended to maintain its currency and relevance.

Record Creation

40. Each operational unit (for example Finance, Estates and Facilities, eHealth, Human Resources, Direct Patient Care) of an NHS organisation should have in place procedures for documenting its activities. This process should take into account the legislative and regulatory environment in which the unit operates.

41. Records of operational activities should be complete and accurate in order to allow employees and their successors to undertake appropriate actions in the context of their responsibilities, to facilitate an audit or examination of the organisation by anyone so authorised, to protect the legal and other rights of the organisation, its patients, staff and any other people affected by its actions, and provide authenticity of the records so that the evidence derived from them is shown to be credible and authoritative. Appropriate version control arrangements that support the management of multiple revisions to the same document should be in place.

42. Records created by the organisation should be arranged in a record-keeping system that will enable the organisation to obtain the maximum benefit from the quick and easy retrieval of information while having regard to security.

43. Not all documents created or received by NHS employees in the course of their work need to be retained for any period of time. For example, some emails are of only passing value and can be deleted as soon as they have been read or actioned. However, emails containing significant information or instructions should be retained, as appropriate, within the record-keeping system. Many circulars and routine correspondence can be destroyed once read. It should be recognised that the decision to dispose of these records immediately is still made within the context of the overall record-keeping system.

Record Keeping

44. Implementing and maintaining an effective records management service depends on knowledge of what records are held, where they are stored, who manages them, in what form(s) they are made accessible, and their relationship to organisational functions ( e.g. Finance, Estates, IT, Direct Patient Care). An information survey or record audit is essential to meeting this requirement. The survey will provide a description of the record collection along with its location and details of the responsible manager. This helps to promote control over the records, and provides valuable data for developing records appraisal and disposal policies and procedures.

45. Paper and electronic record keeping systems should contain descriptive and technical documentation to enable the system to be operated efficiently, and the records held in the system to be understood. The documentation should provide an administrative context for effective management of the records.

46. The record keeping system, whether paper or electronic, should include a documented set of rules for referencing, titling, indexing, and the protective marking of records. These should be easily understood to enable the efficient retrieval of information when it is needed and to maintain security and confidentiality.

47. Records should be structured within an organisation-wide corporate "file plan" which reflects the functions and activities of the organisations and facilitates the appropriate sharing and effective retrieval of information.

48. Where records are kept in electronic form, wherever possible they should be held within an Electronic Document and Records Management System ( EDRMS) which conforms to the standards of the European Union "Model Requirements" (MoReq). Find more details here

49. Where an EDRMS is not yet available, electronic records should be stored on shared, network servers in a clear and meaningful folder structure. The folder structure should reflect the organisation's fileplan in the same way as paper files, which represent the functions and activities of the organisation. The server should be subject to frequent back-up procedures in line with the NHS Information Security Policy. Users should apply the functionality of the relevant software to protect electronic documents against inappropriate amendment (for example, by password protecting documents.) Please note: it is almost impossible to fully protect documents in a non- EDRMS environment, or provide full audit and authenticity evidence.

Record Maintenance - Storage Archiving and Scanning

50. The NHS organisation should put in place robust procedures to manage control of access, retrieval and use of records to ensure continued integrity, reliability and authenticity of the records as well as their accessibility for the duration of their retention until the time of their ultimate disposal.

51.NHS organisations may consider the option of scanning records which currently exist in paper format into electronic format, for reasons such as business efficiency.

Records Inventory

52. Each NHS organisation should be clear as to which departments can register records and media containing business or personal identifiable information they are maintaining. The inventory should provide a description of the record collection along with its location and details of the responsible manager. The register should be reviewed annually. Further information can be found in Records Management Guidance Note 004 here.

Records Management Systems Audit

53. The NHS organisation will regularly audit its records management practices as part of its existing audit activity. This can include checking for compliance with this Records Management Code of Practice. Results of audits will be reported to the NHS Board through the appropriate committee.

Disclosure and Transfer of Records

54. There are a range of statutory provisions that limit, prohibit or set conditions in respect of the disclosure of records to third parties, and similarly, a range of provisions that require or permit disclosure.

55. The mechanisms for transferring records from one organisation to another should also be tailored to the sensitivity of the material contained within them and the media on which they are held. Information Security staff should be able to advise on appropriate safeguards. The NHSScotland Information Security policy and eHealth Mobile Data Protection standard set out the requirements for the safe handling and transmission of corporate and health records, across a range of media.

56. In addition, guidance for administrative staff is available on The Knowledge Network.

Retention and Disposal Arrangements

57. The phrase "retention and disposal" relates to the actual processes of retention and disposal of records throughout their lifecycle ( i.e. primary storage, secondary storage - which may includes microform, scanning or summarising, archiving and confidential destruction).

58. Detailed guidance for retention and disposal of personal health records can be found in Annex B.

59. Detailed guidance for retention and disposal of administrative records can be found in Annex C.

60. It is particularly important under Freedom of Information legislation that the disposal of records - which is defined as the point in their lifecycle when they are either transferred to an archive or destroyed - is undertaken in accordance with clearly established policies which have been formally adopted by the organisation and which are enforced by properly trained and authorised staff. In addition, the disposal of records should be clearly documented.

61. The design of databases and other structured information management systems must include the functionality to dispose of time-expired records. Databases should be subject to regular removal of non-current records in line with the organisation's retention schedule.

62. Each NHS organisation should have a dated documented policy which has been written/reviewed within the last three years, for the retention, archiving or destruction of the organisation's records in accordance with this Records Management Code of Practice. The policy should be ratified by the Board or by an appropriately delegated committee of the Board for example the Health Records, Information Governance or Clinical Governance Committee. The schedules should cover all series of records held, in any media, and should state the agreed retention period and disposal action, including, where appropriate, an indication of those records which should be considered for archival preservation.

63. The records policy document should contain detailed guidance of the process to be followed to ensure complete clearance and removal of business documents, health records or documents containing person identifiable information whenever NHS premises are being decommissioned. Further information can be found in Records Management Guidance Note Number 008.

Appraisal of Records

64. Appraisal refers to the process of determining whether records are worthy of permanent archival preservation. This should be undertaken in consultation with the organisations own Archivist, or with a local authority, university or other archive where there is an existing relationship

65. It is important when reviewing records that their long term historical and research value is taken in to account. Records which document the history and development of the organisation and important policy decisions, such as board or committee minutes, annual reports, policy and strategy documents and major departmental reports and investigations, should be considered. In addition, samples of patient files and older registers and ward journals are valuable for historical medical and social research. Note that no surviving personal health or administrative record dated 1948 or earlier should be destroyed.

66. National Records of Scotland can provide advice about records requiring permanent preservation.

67. Procedures should be put in place in all NHS organisations to ensure that appropriately trained personnel appraise records at the appropriate time.

Record Closure

68. Records should be closed ( i.e. made inactive and transferred to secondary storage) as soon as they have ceased to be in active use other than for reference purposes. An indication that a file of paper records or folder of electronic records has been closed together with the date of closure, should be shown on the record itself as well as noted in the index or database of the files/folders. Where possible, information on the intended disposal of electronic records should be included in the metadata when the record is created.

69. The storage of closed records should follow accepted standards relating to environment, security and physical organisation of the files.

Record Disposal

70. Each organisation should have a retention/disposal policy that is based on the retention schedules referred to in paragraphs 58 and 59 of this Code of Practice. The policy should be supported by, or linked to, the retention schedules, which should cover all records created, including electronic records. Schedules should be arranged based on series or collection of records and should indicate the appropriate disposal action for all records. Schedules should clearly specify the agreed retention periods, which must be based on the retention schedules referred to in paragraphs 58 and 59 of this Code of Practice, for the organisation.

71. Records selected for archival preservation and no longer in regular use by the organisation should be transferred as soon as possible to an archive. No surviving personal health or administrative record dated 1948 or earlier should be destroyed.

72. Good practice suggests that non-active records should be transferred no later than 30 years from creation of the record, with electronic records being transferred within a shorter period.

73. Records (including copies) not selected for archival preservation and which have reached the end of their administrative life should be destroyed in as secure a manner as is appropriate for the level of confidentiality or protective markings they bear. This can be undertaken on site or via an approved contractor. Confidential records should be destroyed in accordance with BSEN 15713:2009 - Secure Destruction of Confidential Material - Code of Practice. It is the responsibility of the NHS organisation to ensure that the methods used throughout the destruction process provide appropriate safeguards against the accidental loss or disclosure of the contents of the records at every stage. Accordingly, contractors should be required to sign confidentiality undertakings and to produce written certification as proof of destruction. There is a common law duty of confidence to patients and employees as well as a duty to maintain professional ethical standards of confidentiality. This duty of confidence continues after an employee or contractor has left the NHS. Ethical obligations around confidentiality remain even after the death of a patient.

74. Many NHS records, including corporate ones, contain sensitive or confidential information. It is therefore vital that confidentiality is safeguarded at every stage of the lifecycle of the record, including destruction. The methods used to destroy records must be fully effective and secure their complete illegibility. Destruction by shredding or pulping is preferable. If the hospital or NHS organisation has no immediate access to an industrial shredder there are numerous firms that can provide this service. Recycling is an alternative option but this should only be considered for non-person identifiable or non sensitive business documents, otherwise the records should be shredded before being sent for recycling. This can be done on site or via an approved contractor.

75. It is important to have destruction as well as preservation policies for electronic records. It is often helpful that an expert can retrieve deleted files in an emergency, but this ability to retrieve deleted electronic data has inherent dangers for confidential information when hardware and software is discarded. It may also jeopardise the viability of a records management programme if records that are supposedly 'destroyed' can be retrieved from the system. If hardware or software is to be discarded, advice must be sought from the relevant IT Security Officer.

76. It is essential that the destruction process is documented. The following information should be recorded and preserved by the Records Manager, so that the organisation is aware of those records that have been destroyed and are therefore no longer available:

• Description of record;
• Reference number if applicable;
• Number of records destroyed;
• Date of destruction;
• Who authorised destruction;
• Who carried out the process; and
• Reason for destruction (this should refer to the retention/disposal policy).

Disposal schedules would constitute the basis of such a record.

77. Whenever patient/client records are being destroyed the relevant Master Patient Index should be updated with the date of destruction so that this is immediately known should the patient/client represent to the service or make an enquiry for access to their health records.

78. Records should not be destroyed before the end of the period stated in the Records Management Code of Practice Annex B and C. These periods reflect the statutory time limits for legal action to be taken. Any NHS Board which ignores these minimum periods would be in breach of guidelines laid down by Scottish Government, and would run the risk of being unable to defend itself against claims for alleged medical negligence.

79. If a record due for destruction is known to be the subject of a request for information, or potential legal action, destruction should be delayed until disclosure has taken place or, if the authority has decided not to disclose the information, until the complaint and appeal provisions of the Freedom of Information (Scotland) Act have been exhausted or the legal process completed. It is important to note that section 65 of FOISA and Regulation 19 of the Environmental Information (Scotland) Regulations 2004 provide that it is a criminal offence to destroy, etc. records with the intent to prevent disclosure.