top of page

Access, Storage and Retention of Records Policy

Access, Storage and Retention of Records Policy

At Winston’s Place Day Nursery we have an open access policy in relation to accessing information about the nursery and parents’ own children. This policy is subject to the laws relating to data protection and document retention and should be used in conjunction with the Data protection and confidentiality policy and the GDPR privacy notice.

Parents are welcome to view the policies and procedures of the nursery, which govern the way in which the nursery operates. These may be viewed at any time when the nursery is open, simply by asking the nursery manager or on the nursery website. The nursery manager or any other relevant staff member will also explain any policies and procedures to parents or use any other methods to make sure that parents understand these.

Parents are also welcome to see and contribute to all the records that are kept on their child. However, we must adhere to data protection laws and, where relevant, any guidance from the relevant agencies for child protection.

As we hold personal information about staff and families, we are registered under data protection law with the Information Commissioner’s Office. A copy of the certificate can be viewed in the Management Office or HR Office. All parent, child and staff information is stored securely according to the requirements of data protection registration, including details, permissions, certificates and photographic images. We will ensure that staff understand the need to protect the privacy of the children in their care as well as the legal requirements that exist to ensure that information relating to the child is handled in a way that ensures confidentiality.

Any personal data breach will be managed in line with our Data Protection and Confidentiality Policy. Where required, breaches will be reported to the Information Commissioner’s Office within 72 hours and, where necessary, affected individuals will be informed.

We are required under legislation to keep certain records about children, parents and also staff members. Due to this legislation, we are required to keep this information for a set amount of time. Below is a brief overview of the information we keep and for how long. This policy should be used in conjunction with the Data protection and confidentiality policy and the GDPR privacy notice.

Children’s records: A reasonable period of time after children have left the provision. We follow the Local Authority procedure which states they should be kept until the child is legally classed as an adult.
Records relating to individual children e.g. care plans, speech and language referral forms: We will pass these on to the child’s next school or setting following our Local Authority’s protocols for transition and sharing of sensitive records.

Copies will be kept for a reasonable period. We follow the Local Authority procedure which states they should be kept until the child is legally classed as an adult.

Accidents and pre-existing injuries: If relevant to child protection we will keep these until the child reaches 25 years old.

Safeguarding records and cause for concern forms: We will pass these on to the child’s new educational establishment e.g. school. In the event that we are not informed of the child’s new placement, we will keep the records until the child has reached 25 years old.

Records of any reportable death, injury, disease or dangerous occurrence (for children): As these incidents could result in potential negligence claims, or evolve into a more serious health condition, we keep records until the child reaches the age of 21 years and 3 months.
Records of any reportable death, injury, disease or dangerous occurrence (for staff): 3 years.

Type of accidents including fractures, broken limbs, serious head injuries or where the child is hospitalised: Until the child reaches the age of 21 years and 3 months.

Information and assessments about individual children are either given to parents when the child leaves or to the next setting or school that the child moves to (with parents’ permission).
Personnel files and training records (including disciplinary records and working time records): 7 years.
Visitor Signing in book: Up to 24 years as part of the child protection trail.

Nursery records and documentation that are not required to be kept are deleted or destroyed in line with the current data protection laws and our GDPR privacy notice which can be found in each of the child’s files or in the Policies and Procedures File.

Paper records are securely shredded when no longer required. Electronic records are permanently deleted from systems and backups in accordance with our retention schedule.
If parents have a specific deletion or retention request regarding any data that we hold, please raise a query in writing and we will respond formally to your request.

Parents and staff have the right to request access to personal data held about them of their child through a Subject Access Request. Requests must be made in writing. We will respond within one calendar month in accordance with data protection law. Information relating to third parties may be redacted where appropriate.

Requests for deletion will be considered in line with data protection law. Where we are required by law or safeguarding guidance to retain information, we may lawfully refuse a deletion request and will explain the reasons in writing.

Digital records, including photographs and online learning journals, are stored on password-protected systems with access restricted to authorised staff only.

bottom of page