Frequently Asked Questions About Record Retention and Deletion
This piece answers frequently asked questions from U.S. agencies and collaborations about best policies and practices for record retention and deletion by agencies and partnerships that hold data and records about victims of sexual assault, domestic violence, dating violence and stalking. Victims and their families face significantly increased safety and privacy risks over the long term. Thus any agency, collaboration or program that holds their personally identifiable information must be vigilant about how it secures, retains and deletes any records about or related to these individuals.
Questions addressed in this piece include:
- Why Should We Have Record Retention and Deletion Policies?
- Why Is It Best Practice to Collect Minimal Information?
- Why is it Best Practice to Collect Range of Data, Not Specifically Identifying Information?
- How Long Should a Program Keep Records?
- Who Should Have Access to the Data?
- Are There Special Precautions Our Agency Should Take To Protect Records Until They Can Be Destroyed?
- Why Should Your Agency Purge Data Regularly?
- Do Financial Records Have To Be Retained For A Different Amount Of Time Than Counseling Records?
- What About Other Types of Records, Such as Security or Surveillance Videos?
- We Always Shred Our Paper Files Before Disposing Of Them. How Do We Ensure Our Electronic Files Are "Disposed" Of In A Secure Way?
- Overall, What Data Retention Policies Should Our Agency Have?
This FAQ piece is part of a microsite published in 2011 by the Confidentiality Institute and NNEDV's Safety Net Project titled: Technology and Confidentiality Toolkit for Agencies, Colocated Partnerships and Coordinated Community Responses Teams working to end domestic violence, dating violence, sexual assault and stalking.
- Resource in English - Frequently Asked Questions About Record Retention and Deletion.