Your Commissioner - Your Voice

Commissioner Zoë can ask questions on your behalf in her Online Public Meeting with the Chief Constable or Chief Fire Officer. Ask your question and find out more.

Records management

Records Management and Correspondence Handling Policy for the Office of the Police, Fire and Crime Commissioner

Published: January 2024
Review date: January 2025
Policy owner: Data Protection Officer


This policy has been drawn up following the very high volume of correspondence received in the Office of the Police, Fire and Crime Commissioner (OPFCC).  This includes general enquiries, official or unofficial complaints and legal queries e.g. FOIs

To ensure this variety of correspondence is responded to appropriately a correspondence policy is needed.  This also covers the different types of complaint that can be routed through the OPFCC, such as Chief Constable complaints and Police, Fire and Crime Commissioner Complaints, complaints against police officers or police staff, and complaints made against members of the OPFCC.  Each has a different complaints framework, which is clearly laid out in this documents.

The same as the above is true for legal enquiries. FOIs and other legal queries come into the OPFCC concerning both Commissioner activities and North Yorkshire Police activities.  It is important these matters are responded to within statutory time frames, which are also set out in this policy.

Following on from the above is the retention of any of this documentation. To ensure all OPFCC staff are managing information and data appropriately, this policy sets out clear parameters which staff can work to.

At the same time as this policy has been developed, OPFCC security is also being reviewed.  This will include physical and computer based security, and progress is being made to ensure all appropriate security measures are in place.

Correspondence Handling

When correspondence is received, either in writing, by email or via private/direct messaging on social media, OPFCC staff will triage the correspondence. All OPFCC staff should refer any appropriate correspondence received by them directly to individual email accounts into the triage system.

All email correspondence is acknowledged in the first instance with an auto-response, which explains a substantive response will be sent in due course.

Where possible, business as usual correspondence should be responded to substantively within five working days.  Please note different statutory time limits apply for subject access and FOI requests.

Correspondence will be handled as follows:

  1. Business as usual requests about OPFCC business will be handled by the OPFCC staff.
  2. Business as usual correspondence about NYP business will be referred to the relevant NYP department within two working days.
  3. Complaints correspondence will be handled in accordance with the “Complaints” section below.
  4. Correspondence expressly referring to the Freedom of Information Act (FOI) or Data Protection Act (DPA) will be referred to the Civil Disclosure Unit within one working day.
  5. Correspondence containing requests for information that do not expressly refer to FOI or DPA will be handled in accordance with the “Requests for Information Section” below.

Correspondence that does not fit into any of the above categories will be referred to the Chief Executive for consideration as to how it should be dealt with. OPFCC staff should also note the guidance below relating to vexatious correspondence.

The Chief of Staff will issue written correspondence protocols from time to time, which supplement this Procedure.


Complaints correspondence should be handled as follows:

  1. Complaints about the Police, Fire and Crime Commissioner – pass to Chief Executive immediately, the Chief Executive will then forward to the Police, Fire and Crime Panel.  At the same time the Chief Executive will also make the Commissioner and Head of Legal Services aware.
  2. Complaints about the Chief Constable – forward to the Commissioner and copy to the Chief Executive. The Chief Executive will forward to the Head of Legal Services as appropriate.   A copy should also be sent to the Chief Constable’s Staff Officer.
  3. Complaints about personnel serving with North Yorkshire Police under the direction and control of the Chief Constable – forward to the Chief Constable’s Staff Officer and Professional Standards at NYP. Complaints about personnel employed by the Police, Fire and Crime Commissioner – forward to the Chief Executive Officer and Professional Standards at NYP.
  4. Complaints about staff of the Office of the Police, Fire and Crime Commissioner – forward to the Chief Executive Officer.
  5. Complaints about statutory officers of the Office of the Police, Fire and Crime Commissioner – forward to the Chief Executive Officer for the Commissioner’s  Chief Finance Officer and forward to the Commissioner for the Chief Executive.

The Public Complaints Procedure contains further detail about the complaints handling procedures.

Requests for Information

Any requests for North Yorkshire Police information will be referred to the relevant department within North Yorkshire Police.

If a written request for information held by the OPFCC (that does not expressly refer to FOI) is received, the Policy and Scrutiny Manager to the OPFCC will consider the following:

  1. Identify whether the request is a valid FOI request. A written request for information does not have to specify it is an FOI request in order for it to be valid. A valid FOI request is one that is:
  • In writing (this includes emails etc)
  • States the name of the Applicant and an address for correspondence
  • Describes the information requested
  1. If it is a valid request, consider whether it can be dealt with as a business as usual (BAU) request. Equivalent guidance within the police service, which the Commissioner intends to follow, states that to be treated as BAU as opposed to FOI, the request for information must fit the key criteria in that:
  • It must not indicate that it is an FOI request
  • The information will be provided
  • The information will be provided within 20 working days

Any requests that meet this criteria can be dealt with by the OPFCC without the need to handle them in accordance with the FOI Act.

  1. If it is not appropriate to deal with the request as a BAU then it should be referred to the Civil Disclosure Unit immediately.

Malicious & Vexatious Correspondence

The OPFCC does not wish to set out to categorise correspondence as vexatious unless absolutely necessary.  However, in order to ensure that the vast majority of individuals who contact the Commissioner are given the due attention and regard they warrant and can expect, the Commissioner reserves the right to, in exceptional circumstances, make a decision to discontinue corresponding with an individual.

This position is a last resort when an assessment has been made that a disproportionate amount of time is being consumed with a single issue or individual, where the complaint or correspondence is deemed to be malicious or of a vexatious nature.  In such circumstances OPFCC staff should liaise with Legal Services to consider the nature of the correspondence and whether any alternative action is appropriate or legally necessary. In appropriate cases where a decision is taken that the OPFCC will enter into no further correspondence with an individual on a particular topic, the individual will be informed that further correspondence on the same issues will be placed on file and will not be responded to.

Aggressive, abusive and threatening correspondence and/or telephone calls to OPFCC staff will not be tolerated. The OPFCC reserves the right to refrain from responding to such correspondence and/or terminate any such calls.

Information sharing

Information held by the OPFCC, including personal information, may need to be shared. This may be as a result of a statutory obligation or power.

Further information on this can be found on our Data Protection page.

Data Protection

The OPFCC is subject to Data Protection legislation which includes UK General Data Protection Regulation, as well as the Data Protection Act 2018.

The legislation states that anyone processing personal data must continue to comply with the principles of data protection law these are that data must be:

  • Processed lawfully, fairly and in a transparent manner.
  • Collected for a specified, explicit and legitimate purpose.
  • Adequate, relevant and limited to what is necessary.
  • Accurate and where necessary kept up to date.
  • Kept in a form which permits identification of data subjects, and for no longer than is necessary.
  • Processed in a manner that ensures appropriate security of the personal data

Further information can be found here: How we use your information.

Subject Access Requests

Under the Data Protection Act 2018, individuals have the right to obtain:

  • confirmation that their data is being processed;
  • access to their personal data; and
  • other supplementary information – this largely corresponds to the information that should be provided in a privacy notice.

Further information can be found here: Subject Access Requests

Freedom of Information Requests

The Freedom of Information Act 2000 gives the public a general right of access to all types of recorded information held by public authorities, including the right to be told whether the information exists, as well as the right to receive that information, subject to certain exemptions if applicable.

More information can be found here: Freedom of Information.

Records Management

A record is defined as “information created, received, and maintained as evidence and information by an organisation or person, in pursuance of legal obligations or in the transaction of business.” (BS ISO 15489: 2001).

Records are a valuable corporate resource, providing the organisational memory.  Accurate records provide evidence of past actions, decision making, audit trail and accountability.

This policy incorporates all records of all formats/media owned and managed by the Police, Fire and Crime Commissioner (Data Controller) and applies equally to all employees of the Office of the Police, Fire and Crime Commissioner and all individuals (Data Processors) contractually bound by OPFCC policies and procedures. The types of examples of items that can constitute records include:

  • Documents (including written and typed documents and annotated copies)
  • Computer files (including word documents, databases, spreadsheets and presentations)
  • Emails
  • Teams chat messages
  • Diary records
  • Fax messages
  • Brochures and reports
  • Intranet and Internet Web pages
  • Forms

It is the duty of all individuals to adhere to this policy and relating procedures to enable effective management of information.

This policy does not apply to copies of documents published by other organisations that are kept for reference purposes only.

Retention & Destruction of Documents

Records should be retained for the periods detailed in the OPFCC Retention Schedule January 2024

The schedule has been produced to assist in ensuring good practice and compliance with Freedom of Information, Data Protection and other legislation and guidance.

The minimum retention periods quoted in the schedule relate to any type record the information may exist in e.g.; electronic or paper. To reduce storage costs it is recommended that paper records are scanned using PDF software, where appropriate to do so, and are subsequently added to the file management system in line with procedure. This will ensure the effective retrieval of the information in the future.

The schedule table has a number of headings:

  • Category – Defines the function / area of business
  • Description – Further detail of the type of record referred to
  • Minimum Recommended Retention – The recommended required retention period prior to physical disposal
  • Rationale / Legislation – The reasoning behind the length of retention stipulated

All of the recommended retention periods are given in whole years, where End of Financial Year (EoFY) is shown this relates to the end of the current financial year.

Records should be disposed of by shredding / arranging for collection as confidential waste for destruction by the appropriate body and this should also include all back-up copies on alternative media.

NOTE: Whenever there is a possibility of litigation or a request under the Freedom of Information Act the records that are likely to be affected should not be amended or disposed of until the threat of litigation has ended or the appeal processes under the Freedom of Information Act have been exhausted.

A record of disposal of the information detailed in the attached schedule should be maintained which identifies each record destroyed. Where a decision is made to retain a particular piece of information for longer than the time set out in the schedule, justification should be noted to provide the evidence for this decision.

The Office of the Police, Fire and Crime Commissioner will hold information which relate to the statutory functions of the former Police Authority and Fire Service Authority.

Standard Operating Procedure

This applies to records which do not need to be kept at all. Information which is duplicated, unimportant or of short term use can be destroyed under the Standard Operating Procedure, including:

  • compliments slips
  • catalogues and trade journals
  • telephone message slips
  • non-acceptance of invitations
  • trivial e-mails or notes not related to OPFCC business
  • requests for stock information such as maps, plans or marketing material
  • out of date distribution lists
  • working papers which lead to a final report
  • duplicated and superseded material such as stationery, manuals, drafts, address books and reference copies of annual reports
  • hard copies of documents where an electronic copy has been saved on the OPFCC system except where these may be used as evidence to prove that something happened.