Information Services Division


Data destruction


This guidance covers situations where you are required to delete all copies of a set of data. It is designed to ensure that this is done in an accountable manner that reduces the risk of mistakes and provides evidence that the deletion has been completed. 

In all cases, please ensure that there are no over-riding requirements detailed in contracts or agreements that mandate specific steps over and above those detailed below.


The Information Asset Owner (IAO - usually the PI) must authorise the deletion of the data. This is necessary because the IAO is accountable for safekeeping of the data. In most cases, an email from the IAO will be adequate. The email must clearly identify the data to be deleted, its location(s) and explicitly grant the recipient with authority to delete. 

Deleting the data

Different systems will have their own processes. In most cases, deleting files and emptying the 'bin' does not delete the underlying data. Please seek advice from the team that manage the system in question on how to irretrievably delete data.

The person deleting the data should record their actions and the time and date. The activity should ideally be witnessed and the witness should ensure that the correct authority exists, that the correct steps have been followed and that the deletion is complete.

Record keeping

The record of deletion should be supplied to the IAO and retained as proof of deletion. For more details on holding records, please see the UCL Records Office Retention Schedule.