How long should volunteer records be kept

Unless the employee makes it clear they are happy for this information to be shared, the manager should only tell other staff that the employee is off sick, and not the reason. Special categories of data can only be processed for more limited reasons than other personal data. For example, if you have explicit consent, or if processing is necessary for carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment.

For further information about special categories of personal data in employment, see the ICO website. All staff have a responsibility to ensure that their activities comply with the data protection principles. Line managers have responsibility for the type of personal data they collect and how they use it. Staff should not disclose personal data outside the organisation's procedures, or use personal data held on others for their own purposes.

Staff and managers will need to be aware of the range of personal information will be covered under the Data Protection Act For example, if a manager has a written copy of contact details for their team or an employee keeps customer names and numbers on post it notes on their desk, these are all covered under the Act.

If monitoring occurs, workers must be aware of the nature and reason for any monitoring. See the Acas guidance. A clear IT policy will also help to raise awareness of the risks associated with using IT and can protect your charity from loss of data. You have a responsibility to ensure that all data is kept securely on computers and that employees know their obligations in respect of IT.

You will need to take a view on whether staff are permitted to use IT equipment for personal use eg accessing webmail or shopping online at lunchtime. The policy needs to clarify acceptable and non-acceptable use and what will happen if the policy is breached. Large numbers of people use social media outside of work. Social media can distort boundaries between work and home and, if used unwisely, could affect the reputation of employers. Because employers will have different rules and expectations about the use of social media at work, policies should reflect the context in which staff are expected to work.

Help us to improve this page — give us feedback. NCVO Knowhow offers advice and support for voluntary organisations. Coronavirus Job Retention Scheme - records of the furlough agreement including:the amount claimed, claim period for each employee, the claim reference number and calculations in case HMRC need more information. For employees on flexible furlough - usual hours worked and the calculations required. Medical records and details of biological tests under the Control of Lead at Work Regulations.

Medical records under the Control of Asbestos at Work Regulations: medical records containing details of employees exposed to asbestos and medical examination certificates.

Retirement Benefits Schemes — records of notifiable events, for example, relating to incapacity. Statutory Maternity Pay records, calculations, certificates Mat B1s or other medical evidence also shared parental, paternity and adoption pay records.

Working time records including overtime, annual holiday, jury service, time off for dependents, etc. For many types of HR records, there is no definitive retention period: it is up to the employer to decide how long to keep them. Different organisations make widely differing decisions about the retention periods to adopt.

Employers must consider what a necessary retention period is for them, depending on the type of record. The advice in this factsheet is based on the time limits for potential UK tribunal or civil claims.

The period is often a question of judgement rather than there being any definitive right answer. Employers should always review the length of time personal data is kept, consider its purpose when deciding how long to retain it, and update, archive or securely delete information if it goes out of date.

The UK Limitation Act contains a 6-year time limit for starting many legal proceedings. Under the same Act, the limit for defamation proceedings is one year although this has been extended in some cases. Defamation claims may be relevant to references or interview notes. Assessments under health and safety regulations and records of consultations with safety representatives and committees.

Vaccination status is confidential, only disclosed for a significant health reason, for example to avoid unvaccinated staff meeting vulnerable people where possible. Personnel files and training records including formal disciplinary records and working time records. Redundancy details, calculations of payments, refunds, notification to the Secretary of State.

Senior executives' records that is, those on a senior management team or their equivalents. Statutory Sick Pay SSP records, calculations, certificates, self-certificates, occupational health reports. Termination of employment , for example early retirement, severance or death in service. UK - Data protection and your business.

Information Commissioner: for organisations. People Management online. CIPD members can use our online journals to find articles from over journal titles relevant to HR. Members and People Management subscribers can see articles on the People Management website. This factsheet was last updated by Lisa Ayling, solicitor and employment law specialist. However, while every care has been taken in compiling the information, the CIPD cannot be held responsible for any errors or omissions and the information is not intended as a substitute for specific legal advice.

During her career she has advised companies and individuals on diverse legal issues including contractual disputes, restrictive covenants, TUPE, redundancy, unfair dismissal and discrimination. Her practical experience includes all stages of claims in the employment tribunal, High Court and Appeal courts and many negotiated settlement agreements.

She has delivered numerous professional development courses for other members of the law profession, as well as assessing trainees on their advocacy, research and drafting skills.

Learn how to mitigate the risk of breaching legislation through policies, processes and practices relating to Data Protection and GDPR in your organisation.

Introduces data protection law in the UK, covering the obligations of employers and individual rights to accessing information. Commonly asked questions on the legal issues relating to data protection, surveillance and privacy in the workplace. Learn about defining, measuring and reporting human capital, and the value of external workforce reporting. The UK legal position How this checklist of retention periods is organised Statutory retention periods Recommended non-statutory retention periods Useful contacts and further reading Explore our related content.

Introduction All organisations collect data relating to their employees — their HR records - including information on pay, sickness absence, or hours worked.

What are HR records? Access, storage, format and destruction From 25 May , existing data protection duties in the UK were tightened up to adapt to the rapid expansion of technology and collection of data. Public sector records In the UK public sector there are many detailed rules about record retention. Other special provisions Further special provisions may affect the retention of, or access to, data. How this checklist of retention periods is organised The checklist below is divided into two parts: Records where there are UK statutory retention periods, with the statutory authorities.

Records where there are no UK statutory retention periods, with recommended retention periods. Statutory retention periods The main UK legislation regulating statutory retention periods is summarised below. Special rules apply concerning incidents involving hazardous substances see below. Accounting records Statutory retention period: 3 years for private companies, 6 years for public limited companies. Statutory authority: Section of the Companies Act as modified by the Companies Acts and Developing a document retention policy may seem overwhelming at first, but think of it as simply a record of what types of documents the nonprofit must retain and for how long.

The policy should specify that the nonprofit will also adhere to a regular business practice of document destruction according to the schedule referred to in the policy or adopted by the nonprofit from time to time. Document retention policies are one of several good governance policies that the IRS highlights on the IRS Form by asking whether the filing nonprofit has adopted a written record retention policy.

Unfortunately there is no regulation or guideline for document retention that covers all nonprofits, and we hesitate to provide a template because each nonprofit needs to investigate and learn what its own state law requires as well as retain only those documents that are relevant to activities of that particular nonprofit. Not only do state laws differ as to what must be retained, but nonprofits vary in the types of documents they generate. However, it is possible to identify a handful of documents that every charitable nonprofit should save permanently, as well as others that should be saved for a certain length of time by most nonprofits.

These categories can serve as starting point for checking state-specific regulations that address document retention or destruction rules.

Your local state association of nonprofits may offer a state-specific sample document retention policy as a member-only resource. Stay up-to-date with the latest nonprofit resources and trends by subscribing to our free e-newsletters. Member Login Search Keyword or Phrase.