Compliant destruction of Australian Government records
What should I do before disposing of information?
If you intend to dispose of information, check that it has been sentenced and the minimum retention period has expired.
- the original sentence is still appropriate to the content and value of the information
- circumstances have not changed so that a non-controversial issue has become controversial or is of public interest, resulting in your agency needing to keep the information for longer
- the record is not affected by a records disposal freeze, related to a current judicial proceeding or subject to a current application for access under the Freedom of Information Act 1982, the Archives Act 1983 or other legislation.
Record the disposal decision and the process you will use in control records. This will help demonstrate that sentencing and destruction have been done properly.
How do I compliantly destroy a record?
To destroy Australian Government records you need to make them unreadable and irretrievable.
The Australian Government Protective Security Policy Framework and the Australian Government Information Technology Security Manual provide more information on appropriate methods of destruction for digital records and associated media formats. The decision of how to destroy your digital records should be based on a risk assessment.
Methods for destroying physical records such as papers, photographs and films include:
You should review the guidelines in the Australian Government Protective Security Policy Framework relevant to destruction methods suitable for your agency’s physical records.
Deletion is not destruction and does not meet the requirements for destruction of Australian Government records. When digital records are deleted it is only the pointer to the record (such as the file name and directory path) that is deleted. The actual data objects are gradually overwritten in time by new data. However, until the data is completely overwritten, there remains a possibility that the information can be retrieved.
Methods of destroying digital records include:
- digital file shredding
- degaussing – the process of demagnetising magnetic media to erase recorded data
- physical destruction of storage media – such as pulverisation, incineration or shredding
- reformatting – if it can be guaranteed that the process cannot be reversed.
To ensure the complete destruction of a digital record, all copies should be found and destroyed. This includes removing and destroying copies contained in system backups and offsite storage.
How do I make sure records are properly destroyed?
Make sure you destroy records securely. Never leave records at the local tip, as they may be retrieved by someone else, without your knowledge. Never sell records, even if they would otherwise have been destroyed. When you destroy records, ensure that you are there to see the destruction carried out or can receive a report that guarantees the work has been completed.
Recording disposal decisions and destruction of records
To support accountable disposal action and comply with Regulation 11 of the Archives Regulations 2018 agencies must record information relating to the destruction or other disposal of Commonwealth records. Disposal of a Commonwealth record means:
- its destruction;
- the transfer of its custody or ownership; or
- damage or alteration to the record.
This information should be recorded in agency control records in digital recordkeeping systems (EDRMS or appropriate business management systems). Under Regulation 11, this information does not need to be provided to the Archives, but must be kept and provided on request. This is consistent with AFDA Express Class 20444 under which master control records for agency recordkeeping systems are 'retain as national archives'.
Examples of when control records should be updated include:
- recording records authority classes following a sentencing program;
- transferring records to the National Archives;
- transferring records as part of machinery of Government change;
- authorised transfer of custody or ownership of records outside the Commonwealth through privatisation or sale; or
- documenting the alteration of Commonwealth records or the treatment of damaged records.
Relevant contextual information about the disposal decision should be recorded and may include the following:
- a description of the records (eg unique identifiers and titles);
- applicable records authority(ies) and class numbers used to authorise disposal;
- date range of the records;
- quantity of records (gigabytes for digital or shelf metres for paper);
- date of the disposal action (eg date of destruction or transfer);
- method of destruction; and
- authorised action officer details.
Unauthorised destruction of information and records
If you discover information or records have been destroyed or disposed of without appropriate authorisation, contact the Agency Service Centre.
For more information see What to do in cases of unauthorised destruction of information.