Step 1: Understand why you need to take action

The planned disposal of paper information is a normal part of government life but this is not yet fully embedded for digital information. This is in part because:

  • information is spread across a range of different electronic systems both inside and outside the organisation – for example:
  • Electronic Document and Records Management Systems (EDRMS)
  • shared and personal drives
  • collaboration systems
  • databases
  • email systems including email archives
  • web based social media
  • For many of these systems it is not possible to ‘build in’ disposal, so it has to be managed separately

As the volume of digital information grows and ages, the urgency of this situation is increasing.


Responsible disposal of information presents significant opportunities to your organisation in terms of:

  • reducing storage and maintenance costs by separating the information that is required from your business functions
  • increasing efficiency by making it easier to find and use the information you need
  • supporting compliance by enabling


Keeping information for longer than is required exposes your organisation to risks around:

  • cost – there are significant costs around maintaining, preserving and presenting digital information back to the user and the more information you hold the more expensive this will be. Also, not complying with legislation such as the Data Protection Act can lead to financial penalties
  • efficiency – keeping too much information will impede the performance of your digital systems and make it difficult to find the information you need to carry out your business functions. It is also hard to maintain large amounts of digital information and ensure that it is complete, available and usable for as long as you need it
  • reputation – not disposing of information in a responsible and timely fashion will put your organisation at risk of non-compliance, for example, of not disposing of personal information as required under the Data Protection Act or not providing information requested under the FOI Act

Further information

Business requirements (PDF)

Information legislation

Managing risk