Indicator 5

An overall increase in the number of organisations actively doing authorised destruction of information

What we asked and why it is important

In Q.39 we asked survey participants whether they had actively destroyed information in the past 12 months (that is, planned and authorised destruction as distinct from loss through negligence or accidental destruction).

This indicator focuses on destruction as one of the approved methods of disposal. We also asked questions about other methods of disposal, which are discussed in the full survey findings report.

Actively destroying information that is no longer required for business purposes or long-term preservation is a key element of effective IM. The benefits from active, authorised destruction include:

  • decreased storage costs;
  • increased system efficiency and effectiveness, as the properly justified destruction of low value information means an organisation’s high value information is less obscured, more discoverable and easier to manage; and
  • mitigation of the risks associated with retaining information for longer than required (e.g. privacy and security breaches, unauthorised access or destruction).

What we found

Figure 9 shows that of the 166 public offices, 104 (63%) are doing some form of authorised destruction of information.

This destruction is mostly the destruction of physical information only, or of both physical and digital information. For local authority organisations, 78% are destroying some information.

Overall, 75 organisations (33% of the 226 public and local authority organisations) stated they destroyed no information in the last 12 months.

Figure 9: Organisations that have undertaken authorised destruction of information in the last 12 months

Figure 9 shows that of the 166 public offices, 104 (63%) are doing some form of authorised destruction of information. This destruction is mostly the destruction of physical information only, or of both physical and digital information. For local authority organisations, 78% are destroying some information. Overall, 75 organisations (33% of the 226 public and local authority organisations) stated they destroyed no information in the last 12 months.

Figure 9 shows that of the 166 public offices, 104 (63%) are doing some form of authorised destruction of information. This destruction is mostly the destruction of physical information only, or of both physical and digital information. For local authority organisations, 78% are destroying some information. Overall, 75 organisations (33% of the 226 public and local authority organisations) stated they destroyed no information in the last 12 months.

The challenges facing organisations in the destruction of information are set out in Figure 10. The top challenge faced is that systems have not been set up to automate regular authorised destruction, with the lack of resources put towards sentencing activities another key challenge.

Both of these could be linked to other indicators, including a lack of staff with appropriate IM skills (Indicator 2), and not building IM requirements into new systems (Indicator 4).

Figure 10: Challenges faced by organisations for undertaking regular, approved and authorised destruction of information

Figure 10 shows what challenges organisations face in order to undertake authorised and approved destruction of information. The top challenge faced is that systems have not been set up to automate regular authorised destruction, with the lack of resources put towards sentencing activities another key challenge. Both of these challenges could be linked to other indicators, including a lack of staff with appropriate IM skills (Indicator 2), and not building IM requirements into new systems (Indicator 4). Other challenges are: Destruction is not seen as a priority for staff responsible for deletion of information in systems (for example IT staff). It is difficult to obtain approvals and/or sign-off from business owners, Lack of confidence sentencing has been done accurately. Cost of secure destruction or deletion through the storage provider.

Figure 10 shows what challenges organisations face in order to undertake authorised and approved destruction of information. The top challenge faced is that systems have not been set up to automate regular authorised destruction, with the lack of resources put towards sentencing activities another key challenge. Both of these challenges could be linked to other indicators, including a lack of staff with appropriate IM skills (Indicator 2), and not building IM requirements into new systems (Indicator 4). Other challenges are: Destruction is not seen as a priority for staff responsible for deletion of information in systems (for example IT staff). It is difficult to obtain approvals and/or sign-off from business owners, Lack of confidence sentencing has been done accurately. Cost of secure destruction or deletion through the storage provider.

Recommendations

Our general disposal authorities (GDAs) (GDA 6 & GDA 7) have been developed for the public sector to enable the lawful destruction of common corporate records without requiring organisation-specific authorisation from the Chief Archivist. GDAs are designed to make it easy to destroy administrative information that has no long-term value.

We recommend that:

  • at a minimum, organisations establish policies, plans and capability to apply GDAs regularly and continuously to physical and digital administrative information that can be lawfully destroyed; and
  • organisations with an approved organisation-specific DA start applying it by destroying information as appropriate.
Back to: Survey of Public Sector Information Management