Record Keeping Policy

Version: 1.0

Effective Date: 13 March 2026

Review Date: 13 March 2027

Approved by: (Director/Board)

1. Purpose

The purpose of this policy is to ensure that all information relating to young people, staff, safeguarding concerns, and organisational activities is recorded accurately, stored securely, and managed responsibly.

Effective record keeping supports:

  • Safeguarding of children and young people
  • Accountability and transparency in service delivery
  • Continuity of support for young people
  • Compliance with data protection legislation
  • Protection of staff and volunteers working with young people

This policy works alongside the organisation’s Safeguarding & Child Protection Policy and Confidentiality and Data Sharing Policy to ensure consistent and responsible management of information.

2. Scope

This policy applies to:

  • All staff
  • Wayfinders / youth support staff
  • Volunteers
  • Contractors and consultants
  • Managers and senior leadership

It applies to all records created or maintained in relation to:

  • Young people participating in programmes
  • Safeguarding concerns or disclosures
  • Support interactions and case notes
  • Incident or welfare reports
  • Attendance and engagement data
  • Referrals to partner organisations

The policy applies to all formats of records, including:

  • Paper documents
  • Digital systems
  • Email correspondence
  • Recorded phone or online calls
  • Case management systems
  • Audio or video recordings

3. Legal Framework

Record keeping practices comply with relevant UK legislation and safeguarding guidance including:

  • UK General Data Protection Regulation (UK GDPR)
  • Data Protection Act 2018
  • Children Act 1989 and 2004
  • Working Together to Safeguard Children
  • Safeguarding Vulnerable Groups Act 2006
  • Human Rights Act 1998

These frameworks establish requirements for lawful processing, secure storage, and responsible management of personal data.

4. Principles of Record Keeping

All records created by the organisation must follow these principles.

Accuracy

Records must be factual, clear, and based on observed information rather than assumptions.

Timeliness

Records should be completed as soon as possible after an interaction or incident.

Relevance

Only information relevant to safeguarding, support, or programme delivery should be recorded.

Confidentiality

Records must be handled in accordance with the organisation’s Confidentiality and Data Sharing Policy.

Security

Records must be stored securely to prevent unauthorised access, loss, or misuse.

Safeguarding Priority

Where safeguarding concerns arise, recording must prioritise protecting the young person and enabling appropriate action by the Designated Safeguarding Lead (DSL).

5. Types of Records

The organisation may maintain several types of records relating to young people and programme delivery.

Attendance and Participation Records

These include:

  • Session registers
  • Activity participation logs
  • Programme engagement tracking

These records support monitoring, safeguarding awareness, and reporting to funders.

Case Notes and Support Records

Case notes may be recorded when Wayfinders or staff provide guidance, mentoring, or support to young people.

Case notes should document:

  • Significant conversations
  • Support provided
  • Agreed actions or follow-up steps
  • Referrals or signposting to services

Not every informal conversation requires documentation; however, interactions involving advice, support, safeguarding concerns, or agreed actions must be recorded.

Safeguarding Records

Safeguarding records must be created when:

  • A young person makes a disclosure
  • A staff member observes signs of abuse or harm
  • Concerns are raised about a young person’s welfare
  • A safeguarding referral is made

These records must be shared with the Designated Safeguarding Lead (DSL) immediately and stored securely.

Safeguarding records may include:

  • Disclosure notes
  • Incident reports
  • Risk assessments
  • Referral documentation
  • Communication with external safeguarding agencies

Incident Records

Incident reports should be completed when significant events occur, such as:

  • Accidents or injuries
  • Behaviour incidents
  • Conflicts between participants
  • Safeguarding-related concerns

These reports help ensure accountability and enable appropriate follow-up actions.

Call and Communication Records

Where interactions occur through phone or online platforms:

  • Calls with young people may be recorded where required by safeguarding procedures.
  • Records of conversations must be stored securely.
  • Access to recordings will be restricted to authorised individuals such as the DSL or senior leadership.

6. Information Required in Records

Where records are created, they must include the following minimum information:

  • Date and time of interaction or incident
  • Name of the young person (or unique identifier)
  • Name and role of the staff member making the record
  • Location or context of the interaction
  • Clear factual description of what occurred or was discussed
  • Any actions taken or agreed
  • Any safeguarding concerns identified
  • Whether the matter was escalated to the DSL or another authority

Staff must avoid:

  • Personal opinions
  • Assumptions or speculation
  • Judgemental language

If professional opinion is included, it must be clearly identified as such.

7. Responsibilities

Designated Safeguarding Lead (DSL)

The DSL is responsible for:

  • Maintaining secure safeguarding records
  • Reviewing safeguarding reports
  • Ensuring referrals to external agencies are documented
  • Providing guidance on recording safeguarding concerns

Managers / Programme Leads

Managers are responsible for:

  • Ensuring staff follow record keeping procedures
  • Monitoring the quality and consistency of records
  • Supporting staff who manage complex case records

Wayfinders / Youth Support Staff

Wayfinders must:

  • Record interactions with young people where required
  • Document safeguarding concerns immediately
  • Provide factual, accurate notes of significant interactions
  • Escalate safeguarding concerns to the DSL without delay

General Staff and Volunteers

All staff and volunteers must:

  • Maintain accurate records where required
  • Follow confidentiality and data protection procedures
  • Store records securely
  • Report any concerns about data security or misuse

8. Storage and Security of Records

All records must be stored securely.

Paper Records

  • Stored in locked cabinets or secure offices
  • Accessible only to authorised personnel

Digital Records

  • Stored on password-protected systems
  • Access restricted based on role and responsibility
  • Protected through appropriate cybersecurity measures

Safeguarding records should be stored separately from general programme records where appropriate.

9. Access to Records

Access to records will be restricted to individuals who require the information to carry out their role.

This may include:

  • Designated Safeguarding Lead
  • Senior management
  • Relevant programme staff
  • External safeguarding authorities where required

Requests for access to personal data may be made through a Subject Access Request in accordance with UK GDPR.

10. Retention and Disposal of Records

Records will be retained only for as long as necessary to meet legal, safeguarding, and organisational requirements.

When records are no longer required they will be:

  • Securely destroyed (for paper records), or
  • Permanently deleted from digital systems

Sensitive records such as safeguarding documentation may be retained longer where required by safeguarding guidance.

11. Training and Awareness

All staff and volunteers will receive training on:

  • Record keeping expectations
  • Safeguarding documentation procedures
  • Confidentiality and data protection responsibilities

Training will be provided during staff induction and refreshed regularly.

12. Monitoring and Review

The organisation will monitor record keeping practices to ensure:

  • Safeguarding standards are maintained
  • Records are accurate and complete
  • Data protection requirements are met

The policy will be reviewed annually or sooner if legislation or organisational procedures change.

13. Breaches

Failure to follow this policy may result in:

  • Investigation
  • Disciplinary action
  • Termination of contracts (for consultants or contractors)
  • Referral to relevant authorities where appropriate

14. Version Control

Version: 1.0

Date: 13 March 2026

Change: Initial draft

Author: Mel Dorlin

Approved By: [Director/Board]