DIGITAL OBSOLESCENCE FEBRUARY 2020

This Policy supersedes all previous policies for Data Protection

Policy title: Digital Obsolescence

Policy reference: COR71

Policy category: Corporate Policies

Relevant to: All Staff

Date published: February 2020

Implementation date:

Date last reviewed:

Next review date: February 2023

Policy lead: Mahwish Noor, Information Governance Manager

Contact details: Email: [email protected] Telephone: 020 3317 7100

Accountable Director: Jeffrey Boateng, Director of Clinical Information Management

Approved by (Group): Information Governance Steering Group

Approved by (Committee): Audit and Risk Committee

Document history:
Date: September 2019
Version: 1
Amendments: New

Membership of the Policy development/review team: Information Governance Manager

Consultation: Members of the Information Governance Steering Group

Summary

1. The legislative requirements that the Trust must comply with and how this affects the ongoing collection and maintenance of personal data.
2. How to ensure that the Trust’s digital resources remain authentic and accessible both in the present and the future to anyone who needs them.
3. How the Trust will ensure the ongoing preservation of its Information Assets.

DO NOT AMEND THIS DOCUMENT

Further copies of this document can be found on the Foundation Trust Intranet.


SUMMARY: DIGITAL OBSOLESCENCE POLICY

Purpose of this policy

The purpose of this Policy is to ensure that the Trust’s digital resources will remain authentic and accessible in the future to anyone who needs them. To do so it must counter the threats of rapid technological obsolescence and the inherent fragility of digital media, by providing mechanisms to identify and predict the impacts of those threats to its resources, and to plan and execute appropriate preservation strategies to mitigate these impacts.

Who it applies to

Applies to all those employed by the Trust, including students, volunteers, contractors, temporary staff or any individual carrying out work on behalf of the Trust as well as Third Parties and Suppliers who may hold information belonging to the Trust.

What it includes in detail

The Policy describes how to manage, preserve and, where it is no longer necessary, destroy digital information and data processed by the Trust in line with current data protection legislation. It provides a high-level overarching framework within which employees are expected to conduct their day-to-day activities, and how the Trust is expected to manage its information.

Important points for all staff

- The Trust shall carry out audits to ensure that its digital resources follow principles that, in turn, ensure that digital records are, and remain, trustworthy and accessible.
- Record creators should consider the preservation of digital content at the point of its creation to ensure that records, deemed sufficient in value to be preserved for the long-term, are created in a manner that will facilitate their preservation.
- The information shall be allocated to an Information Asset Owner (IAO) who shall be responsible for its appropriate handling.
- With regard to the archive: at the point of accession into the archive, digital records shall be properly screened and documented to ensure the ‘chain of custody’ is maintained, the records retain authenticity and that the process begins with good quality data and metadata.
- The deletion of digital resources and metadata shall only be allowed under controlled and authorised circumstances.

Additionally includes

The Trust collects and maintains substantial amounts of digital information regarding patients and the Trust’s operations. The information that the Trust collects and maintains is used constantly, to facilitate the wellbeing of patients and employees, and to maintain Trust operations. Therefore, it is essential that digital information can be managed in a way that will ensure the long-term use of the data.


Contents

1. Purpose
2. Scope
3. Applicability
4. Terminology
5. Policy
6. Monitoring and Evaluation
7. Related Policies


1. Purpose

1.1. Camden and Islington NHS Foundation Trust (hereafter referred to as “the Trust”) collects and maintains substantial amounts of digital information regarding patients and the Trust’s operations. The information that the Trust collects and maintains is used constantly, to facilitate the wellbeing of patients and employees, and to maintain Trust operations. Therefore, it is essential that digital information can be managed in a way that will ensure the long-term use of the data.

1.2. The purpose of this Policy is to ensure that the Trust’s digital resources will remain authentic and accessible in the future to anyone who needs them. To do so it must counter the threats of rapid technological obsolescence and the inherent fragility of digital media, by providing mechanisms to identify and predict the impacts of those threats to its resources, and to plan and execute appropriate preservation strategies to mitigate these impacts.

1.3. This Policy describes how to manage, preserve and, where it is no longer necessary, destroy digital information and data processed by the Trust, in accordance with the Data Protection Act 2018 (DPA 2018). It provides a high-level overarching framework within which employees are expected to conduct their day-to-day activities, and how the Trust is expected to manage its information.

2. Scope

2.1. This Policy relates to information resources held by or on behalf of the Trust in digital form. These can be categorised as follows:

- ‘Born-digital’ resources, which were created and managed electronically for business purposes;
- ‘Made-digital’ resources which were created in non-digital form but have been subsequently converted to digital form; and
- ‘Remade’ digital resources. These were created digitally, have been managed in non-digital form for business purposes (e.g. under a ‘print to paper’ policy), but have been subsequently re-digitised for business, preservation or access purposes.

2.2. Data can be created in two common methods:

/ hardware;  a physical format e.g. a paper document or photographic techniques.

2.3. Preservation spans the full lifetime of data. Different formats will have different life spans. For example, the longevity of a (CD) will be affected by disc rot (oxidation of reflective layer) and UV light exposure over time. At the end of this lifetime, data and the resource upon which it is stored should be securely removed, destroyed, or overwritten.


3. Applicability

3.1. This Policy applies to all those employed by the Trust, including students, volunteers, contractors, temporary staff or any individual carrying out work on behalf of the Trust as well as Third Parties and Suppliers (hereafter collectively referred to as “Employees”), who may hold information belonging to the Trust. Suppliers are expected to follow this approach unless specifically excluded or where conditions have been applied within the procurement and contract management process.

3.2. All Employees are expected to comply with this Policy at all times, including outside of regular working hours, to protect the privacy, confidentiality and interests of the Trust, its services, staff, partners and service users.

4. Terminology

Term: Meaning / Application
SHALL: This term is used to state a mandatory requirement of this Policy
SHOULD: This term is used to state a recommended requirement of this Policy
MAY: This term is used to state an operational requirement of this Policy

5. Policy

5.1. While digital technology continues to evolve, there is an ongoing requirement for the Trust to access and use the data and information held upon its systems and devices, as well as information processed through or held on its behalf by Third Parties. The Trust shall carry out audits to ensure that its digital resources follow principles that, in turn, ensure that digital records are, and remain, trustworthy and accessible against the following criteria:

5.1.1. Authenticity – the Trust shall carry out regular audits to ensure that digital records have not been subject to unauthorised or accidental alteration, corruption or loss;

5.1.2. Integrity – the Trust shall maintain a thorough audit trail of actions that have been carried out through the lifecycle of a digital record;

5.1.3. Reliability – all archival processes and procedures undertaken to preserve digital records shall be fully documented and subject to audit; and

5.1.4. Usability – the Trust shall preserve digital records held in line with best practice and provide sufficient metadata to allow the records to be located, retrieved and interpreted.

5.2. Record creators should consider the preservation of digital content at the point of its creation. This is to ensure that records, deemed sufficient in value to be preserved for the long-term, are created in a manner that will facilitate their preservation. Further details on record retention and destruction, including timescales, can be found in the Records Retention and Destruction Policy.


5.3. The information shall be allocated to an Information Asset Owner (IAO) who shall be responsible for its appropriate handling in keeping with the Information Handling and Classification Policy, and for ensuring that it is only accessed by authorised personnel.

5.4. Digital files to be preserved shall be managed within structured, secured, dedicated folders on local and corporate servers.

5.5. The infrastructure required for digital preservation shall be sustained for as long as there is a need for the digital resources it manages.

5.6. Full back up routines shall be implemented to provide disaster recovery capability.

5.7. On occasion, the use of removable media may be necessary for record retention and storage. If removable media is required to be used, gold coated CD-R and DVD-Rs or Ultrium magnetic tape cartridges shall be used and stored in an appropriate environment. In addition, the following criteria when using removable media shall be met:

- removable media shall be checked annually for signs of physical deterioration and technical obsolescence;
- migration to new removable media shall be carried out where necessary to ensure continuing access to the digital files;
- all removable media shall be used in accordance with the Acceptable Use Policy.

5.8. Appraisal and selection of digital records that are intended to be managed and preserved shall comply with the Trust’s Records Retention Policy and be undertaken in consultation with the relevant IAO and the Information Governance Manager/Data Security and Protection Manager.

5.9. At the point of accession into the archive, digital records shall be properly screened and documented to ensure the ‘chain of custody’ is maintained, the records retain authenticity and that the digital preservation process begins with good quality data and metadata. To achieve this, the Trust shall:

- quarantine records prior to accession into archives and conduct anti-virus checks to ensure the incoming digital records pose no threat to the integrity of other records;
- identify, characterise and validate file formats;
- gather appropriate descriptive, administrative and preservation metadata;
- conduct fixity checks to ensure the authenticity of accessioned records; and
- generate a ‘preservation’ and ‘access’ copy of the original.

5.10. The Trust shall ensure that the physical infrastructure and IT systems required to store and manage its digital archive are protected from accidental or deliberate damage in accordance with the Physical Environment Information Security Policy.

5.11. The deletion of digital resources and metadata shall only be allowed under controlled and authorised circumstances. Essentially, all devices and media that are to be retired from the Trust’s use should be securely removed, destroyed, or overwritten.

5.11.1. It is important to bear in mind that one of the key principles of the General Data Protection Regulation prohibits the retention of personal data for longer than is necessary. While there are always minimum periods for which records must be retained, there may be occasions when records need to be kept for longer. Recommended minimum lengths of retention of medical records may be found in the advice given in the Information Governance Alliance Records Management Code of Practice for Health and Social Care 2016.

5.11.2. The recommendations apply irrespective of the form in which records are held. Record holders are under a legal and ethical obligation to maintain records safely and securely.

5.11.3. Although the definition of 'necessary' will vary, where a decision is made to retain records for longer than the periods advised by this guidance, it is important that this is supported by explicit reasons, which should ordinarily be recorded in the records and signed off by the Senior Information Risk Owner (SIRO) in accordance with the Information Governance Policy.

5.12. The Trust shall conduct preservation planning to monitor the technological, financial, legislative and institutional environment and mitigate the risks of change to the accessibility of digital records. The Trust shall carry out preservation planning in accordance with guidance provided by NHS Digital, the National Cyber Security Centre (NCSC) and other relevant Government authorities or applicable legislation.

5.12.1. Risk Assessment – Regular risk assessments shall be undertaken on the Trust’s digital records to determine the level of preservation action required.

5.12.2. Impact Assessment – the Trust shall prioritise actions it needs to take in accordance with external changes in the technology landscape, and in keeping with the risk appetite established by the Board. This is set out in the Information Risk Management Policy.

6. Monitoring and Evaluation

6.1. This Policy shall be reviewed every two years or in response to significant changes due to security incidents, variations of law and/or changes to organisational or technical infrastructure.

6.2. Any behaviour deemed to be in breach of this Policy or relevant procedures may result in investigation and disciplinary action being taken as considered appropriate.


6.3. Compliance with this Policy shall be monitored by internal and external audits commissioned by the Executive Team and reflect the Risk Appetite of the Trust as indicated in the Information Risk Management Policy.

6.4. This Policy is written and maintained by the Information Governance/Data Security and Protection Manager and approved by the SIRO on behalf of the Board. Questions relating to its content or application should be addressed to the Information Governance/Data Security and Protection Manager.

7. Related Policies

7.1. Related policies referenced in this document are available on the intranet or by request to the Employee’s Line Manager and should be read in conjunction with this Policy.
