IPSA's email retention policy
When an employee leaves IPSA, we notify our IT service providers and advise them to delete all information pertaining to that user’s account 90 days after the employee’s departure. This is not contained within any written policy, but is made on a request form sent to the service provider. For reference, I have attached, at Annex A, a screenshot of the standard instruction sent to the service provider.
As you will be aware, IPSA and the Compliance Officer for IPSA are separate public authorities, and IPSA does not therefore necessarily hold information for the purposes of the FOIA which is held by the Compliance Officer (and vice versa). However, the Parliamentary Standards Act 2009 (as amended) requires IPSA to provide the Compliance Officer for IPSA with resources required to discharge his functions (such as accommodation, IT and staffing), and many of the same practices (such as that relating to records retention) are shared.
Please find at Annex B extracts from IPSA’s draft Records Management Policy relating to written correspondence from MPs and members of the public. The policy is currently in draft form and has not yet been formally agreed – but is held by IPSA and therefore subject to disclosure under the terms of the FOIA.
|Operations – Validation & MPs’ files||Description||Retention period|
|Correspondence||Original letters from MPs to IPSA||2 years|
|Original letters from the public to IPSA||6 months|
|Operations – Information team||Description||Retention period|
|CRM records||Emails, scans of letters and logs of calls||Destroy after 2 years|
Compliance Officer for IPSA
|External correspondence||Letters from members of the public, MPs etc. which do not relate to case files.||Destroy after 2 years|
|Internal correspondence||Emails/letters between Compliance and IPSA||Review on 6-monthly cycle|
Is this page helpful?
- 16 March 2015
- IPSA - POLICY
- Exemptions Applied: