Guideline 3 - Destruction of records
- Summary of process
- Disposal and destruction
- Legal requirements under the State Records Act
- Principles of Destruction
- Methods of Destruction
- Using a contract service
- Sensitive Information
- Appendix A
- Appendix B
These guidelines have been prepared for personnel in New South Wales public offices who are responsible for arranging the destruction of State records as part of a program of authorised records disposal in accordance with Part 3 of the State Records Act 1998. They should be read in conjunction with the Standard on the appraisal and disposal of State records, which sets out the compliance requirements for the authorised and accountable destruction of records.
These guidelines provide practical advice on the physical destruction of hardcopy records. For advice on the physical destruction of digital records, see Recordkeeping in brief Destroying digital records: When pressing delete is not enough (RIB51). For more information on disposal processes for State records, see Recordkeeping in Brief 48: Disposal at a glance.
When undertaking the destruction of records, it is necessary to ensure that:
the records are no longer required for undertaking the business of the organisation (i.e. you have checked and confirmed that they are not required by business units for ongoing business)
destruction of the records is permitted or approved in accordance with the requirements of the State Records Act 1998
the records are no longer required to be retained to fulfil any other statutory and regulatory requirements for retention
there is documentation identifying which records have been destroyed, when they were destroyed, how they were destroyed and under what authority, and
the records have been destroyed in an appropriate manner.
Appendix A of this guideline contains a checklist which can be used by public offices to ensure that they are undertaking best practice records destruction.
The terms 'disposal' and 'destruction' are often used interchangeably, but disposal does not always mean destruction, and there are a number of ways a record can be 'disposed of', including through the transfer of ownership.
Disposal is defined as a ‘range of processes associated with implementing appraisal decisions. These include the retention, deletion or destruction of records in or from recordkeeping systems. They may also include the migration or transmission of records between recordkeeping systems, and the transfer of custody or ownership of records.’ (Australian Standard AS 4390 - 1996, Records Management, Part 1 Clause 4.9)
Destruction is the complete and irreversible physical erasure of the record which ensures that the record cannot be reconstituted or reconstructed.
The fact that a State record has been authorised for destruction by the State Records Authority of NSW does not mean that the record can be sold or transferred to private ownership.
The disposal of state records is subject to the terms of the State Records Act 1998 (NSW). Under the Act there are a number of ways to legally dispose of State records:
- with the permission of State Records through general retention and disposal authorities covering common classes of records created by public offices, or functional retention and disposal authorities covering the records that are unique to a particular public office
- under provisions of certain legislation that authorise the destruction of certain records
- in accordance with 'normal administrative practice' (NAP). NAP provides for the routine destruction of certain records of a generally facilitative nature. For further information on NAP see State Records' guideline Normal Administrative Practice, or
- by an order of a court or tribunal.
The disposal of State records should also be in accordance with requirements of the Standard on the appraisal and disposal of State records.
Section 21 of the State Records Act imposes a penalty for the illegal disposal of State records. All public offices must be able to account for their decisions to destroy records. If you destroy a record, you must be able to demonstrate that the destruction was permitted.
If you are not sure if you have approval for destruction, contact State Records.
Records destruction should be:
- timely, and
Following is more detail about each of these principles.
The Standard on the appraisal and disposal of State records sets out requirements for the authorisation required for the destruction of records:
- formal disposal authorisation by State Records, usually in the form of a general or functional authority
- internal authorisation (signing off) through an organisation's internal approval process, and
- delegation / authorisation for an individual to undertake the physical destruction records (or transfer of records to archival custody).
Authorised by State Records
Retention and disposal authorities are the legal instruments, issued by State Records, which provide the formal disposal authorisation upon which a public office can act. They set mandatory minimum retention periods. A record which is authorised for destruction in an approved and current retention and disposal authority may be destroyed at the end of the minimum retention period, if it is no longer required by the public office and the retention and disposal authority identifies that the record can be destroyed rather than transferred to archival custody.
For advice on applying retention and disposal authorities to records, see State Records' guideline Implementing a retention and disposal authority. Appendix 1 of the Guideline contains a flowchart identifying the steps that should be undertaken when applying a retention and disposal authority to records.
Authorised by your organisation
While retention and disposal authorities set mandatory minimum periods for retention, it is also important to ensure that your organisation has no further business or legal needs for the records. This can be done by ensuring that there are appropriate internal authorisation or approval processes in place. For example, providing the manager of the business unit that created and controls the records with lists of records proposed for destruction and asking them to confirm that the records are no longer required for legal, administrative, audit or financial reasons. Appendix 2 of State Records' guideline Implementing a retention and disposal authority contains a sample records destruction authorisation form. This process can also be managed through electronic workflow mechanisms available in some electronic document management systems.
Remember, a public office must not destroy any records:
- required for current or pending legal action
- which may be required as evidence in a court case
- that are the subject of a current or pending access request or application, such as under the Government Information (Public Access) Act (GIPA), or privacy request, or
- are the subject of any other statutory access request.
If the retention and disposal authority was applied to the record on creation (commonly referred to as 'sentencing on creation'), or a period of time has elapsed since the retention and disposal authority was applied to the record, the public office should ensure that no information has been added to the record that would affect or change the retention period which has been applied to the record, and that circumstances have not changed which may require retention of the records for a further period of time. This is also a formal requirement of the Standard on the appraisal and disposal of State records (see Principle 3: Authorised).
Delegation/authorisation to dispose of records
Once all requirements for the disposal of records have been met, an appropriate officer in your organisation should give the final internal approval for the destruction of records. Each organisation should ensure that an officer is formally delegated with responsibility for this process and that this delegation is documented in the recordkeeping system.
It is also important that records management staff have formal delegated authority to undertake the physical destruction of records or their transfer to archives, once signoff has been received from the business managers or other designated positions.
Remember, State Records' guideline Implementing a retention and disposal authority covers best practice processes for disposal and includes practical advice for applying retention and disposal authorities to records and authorisation processes for the disposal of records.
Records destroyed in natural disasters
There have been cases where records have been accidentally destroyed or severely damaged by natural disasters, such as flood or fire, before the minimum retention periods have been reached, or where there is no disposal coverage under a retention and disposal authority. In such cases advice from State Records should be sought, before arrangements are made for the disposal of the records.
2. Appropriate destruction
The destruction of records should be irreversible, and environmentally friendly.
Destruction of records should be irreversible. This means that there is no reasonable risk of the information being recovered again or the record being re-constituted. Failure to ensure the total destruction of records may lead to the unauthorised release of information and potential breaches of the Privacy and Personal Information Protection Act 1998, which requires public offices to comply with twelve information protection principles to protect personal information.
A number of cases have been reported in the media where records have been found 'unearthed' in local garbage tips after they had been buried, left in cabinets that had been sold, and put out on the street by contract cleaners when they were placed in ordinary recycling bins. Even when the records do not contain sensitive or personal information, such occurrences are very bad publicity for your organisation and the New South Wales Government as a whole.
Records should be destroyed in an environmentally friendly manner. Both paper and microforms should be recycled.
3. Secure / Confidential destruction
Records should always be disposed of with the same level of security that was maintained during the life of the records. See the Government Chief Information Office's Guide to Labelling Sensitive Information for information about the three levels of sensitive information (X-in-confidence, Protected and Highly Protected) and the rules for handling this information to protect confidentiality. The destruction of highly sensitive, personal or confidential material should be supervised by an officer of the organisation or by another authorised agent if destruction has been contracted out. For example, certain records classified as 'Highly Protected' under the GCIO guidelines require two officers to supervise the removal of the material to the point of destruction, ensure the destruction is complete, and sign a destruction certificate.
Extra care should be given to records containing sensitive information (see also section below on Sensitive information). Section 12 of the Privacy and Personal Information Protection Act 1998 states that a public sector agency must dispose of sensitive personal information securely to ensure the information is safeguarded against loss, unauthorised access, use or disclosure.
Lockable 'wheelie' bins should be used. Records should be transported in totally enclosed and lockable vehicles (to prevent records falling off the back of tracks!) and destroyed in the presence of an officer of your organisation. Sensitive records may also be shredded 'in-house' before being sent for pulping. The decision to shred records should be incorporated into the organisation's disposal authorisation processes (see Authorised Destruction section above).
4. Timely destruction
While records should not be destroyed while there is still a need for them, it is also important not to keep records longer than is necessary. Premier's Memorandum M2007-08 Efficient and Cost Effective Management of Records requires all agencies [and public offices] to apply the decisions in retention and disposal authorities to records and ensure "that they are destroyed promptly and securely when their retention period has ended."
The timely implementation of retention and disposal authorities helps to:
- reduce the cost of records storage
- reduce the time and cost associated with finding and retrieving records, and
- minimises the risks of unauthorised destruction of records.
Remember, timely destruction must be balanced by internal authorisation. Records are usually destroyed when they have reached the end of a specified retention period. However, prior to their destruction, you must ensure that the records are no longer required and that there is confirmation from the organisation that the records can be disposed of. If a decision is made to retain records longer than the mandatory minimum retention period, then the reasons for the decision should be documented to assist disposal at a later date.
5. Documenting the destruction of records
The destruction of all records must be appropriately documented, so that your organisation is able to ascertain if and when a record has been destroyed. Proof of destruction may be required in legal proceedings or in response to Government Information Public Access (GIPA) requests.
Recordkeeping systems and any other documentation should note
- which retention and disposal authority and disposal class authorised the destruction of the records
- date and time of disposal
- approval and authorisation including details of the officer authorising disposal of the records, and
- person undertaking disposal and their confirmation that the disposal occurred.
For example: GA 28 disposal class 5.5.1 should be documented along with the date and time of destruction, who authorised the destruction, and who undertook/supervised the physical destruction of the record.
Keeping a destruction register of individual records in consignments sent for destruction, together with a certificate of destruction, will serve as proof that records have actually been destroyed.
The certificate of destruction should be appropriately captured into a recordkeeping system together with other destruction documentation, for example, records of internal approval. A record of the method of destruction should also be documented if this is not already noted on the certificate of destruction.
Implementing these practices will also assist you in meeting the requirements of Principle 4: Accountable of the Standard on the appraisal and disposal of State records.
There are a number of appropriate methods of destruction for the different non-digital media on which records are stored. For advice on the methods of destruction for digital records see Recordkeeping in brief Destroying digital records: when pressing delete is not enough (RIB51).
The security provided by the shredding of records depends on how fine the paper is shredded. Cross shredding in a two axis shredder may be needed for particularly sensitive documents. Shredded paper may be pulped and recycled, or then used for other purposes such as insulation.
Pulped paper is reduced to its constituent fibres. If carried out correctly, it is a very secure method of destruction. Pulped paper is usually recycled.
Burning records is not recommended and should only be used as a last resort if there is no environmentally friendly method of destruction available. Records should be burned in accordance with any environmental guidelines and local burning restrictions. Densely packed paper does not burn well, so burning should be undertaken in an industrial facility (not in a backyard incinerator).
Important: Do not bury records in landfill. Burying is not an appropriate method of destruction. The records are not destroyed immediately and may take months or even years to break down. Records that are buried may also be uncovered within hours or days of being buried.
Videos, cinematographic film and microforms (microfilm/fiche/aperture cards/x-rays) can be destroyed by shredding, cutting, crushing or chemical recycling.
All NSW Government departments, agencies, public health organisations and local government can procure secure destruction services as part of the Integrated Waste Management Services contract managed by NSW Procurement.
Following is some advice when procuring a suitable secure destruction service under the new contract.
Contractors can be engaged to destroy records. However, it is the responsibility of the public office to ensure that destruction occurs in accordance with the approved methods of destruction. Make sure you know what method of destruction your contractor is using. Appendix B contains a list of sample questions to ask a contractor.
Transport of records
The contractor can collect records from your office for destruction, or you can deliver the records to them. A closed truck should be used whenever possible. However, if there is no alternative and the contractor can only provide an open truck, ensure that the load is secured by a cover. Sensitive and confidential records should only be conveyed in a closed and lockable vehicle.
The contractor must supply you with a certificate of destruction. If records that were supposed to be destroyed are subsequently found, the certificate is evidence that the contractor was at fault, not your organisation. You may also want to request that the certificate of destruction includes the method of destruction used by the contractor.
There are different types of sensitive information to be aware of and particular care must be taken in handling and destroying records containing this information. This level of security should be maintained throughout the entire life of these records, including during the destruction process. Examples include:
- personal information
- financial or commercially sensitive information
- information given in confidence
- information relating to an investigation, and
- information posing a security risk.
Public offices collect a great deal of information about individuals, and much of this information is quite sensitive, for example criminal, health or welfare records. Even records relating to the licensing of professions, trades, and commercial activities may contain personal information that could be sensitive. All personal information must be managed in accordance with the requirements of the Privacy and Personal Information Act 1998.
Personnel files are a prime example of records containing personal information that have strict access/security restrictions while the records are active.
Financial or commercially sensitive information
Examples include files containing information on an organisation's financial position, tender bids, and any information that may give an unfair financial advantage to another.
Information given in confidence
Records may contain information that is given on condition that the information is not released. Examples include personal information and financial information, information given by government agencies (foreign governments, interstate/federal bodies) and information from any source where the provider specifies that it is given in confidence.
Information relating to an investigation
Records relating to an investigation, usually into malpractice or criminal activity, may contain sensitive information.
Information posing a security risk
Records may contain information dealing with high security risk activities and premises. Examples of such records are plans of buildings for correctional institutions or banks, procedures for the delivery of large amounts of money, and security arrangements for movements of heads of State.
Checklist for records destruction:
- Are the records authorised for destruction under a relevant and current retention and disposal authority?
- Does the organisation still require the records?
- Are the records the subject of a current or pending court case, GIPA application or Privacy request?
- Has internal authorisation for disposal been obtained?
- Do the records have special security requirements?
- If yes, have you organised the appropriate secure destruction service for these records (locked bins, in-house shredding, or authorised officer witnessing the destruction)?
- Have you contacted an appropriate service provider?
- Have you specified that a covered van/truck should be used for the removal of the records?
- Have you requested that the service provider provide you with a certificate of destruction?
- Have you specified that the records are to be destroyed on day of collection?
- Have you recieved the certificate of destruction?
- Can you confirm that the records were destroyed (either by a certificate of destruction or a note from an individual who witnessed the destruction)?
- Have you documented the details of the destruction in the organisation's recordkeeping system?
Sample questions to ask if using a contractor:
- What types of trucks are used?
- Are locked bins available?
- Where are the records destroyed? (on company premises)
- How will the records be destroyed? (methods)
- Can I witness the destruction?
- Are the records destroyed on the same day as collection?
- If same day destruction is not available, where are the records stored pending destruction?
- What type of supervision is provided when records are destroyed on another company's premises?
- Are there specific secure destruction services available?
- Are certificates of destruction provided and when are they sent?
© State of New South Wales through the State Records Authority, 1996.
First published 1996 / Revised edition July 2000 / Revised edition December 2003 / Revised edition 2005 / Revised edition 2010.
This work may be freely reproduced and distributed for most purposes, however some restrictions apply. See our copyright notice or contact us.