Minor updates and code changes occur every day. Only significant or noteworthy updates are shown here. Updates shown with a gold background are (or were at the time) only available to Advanced HOPS members.

Search: Clear


Time DateSystem Updates
Update 1027
25 December 2023
DATA RETENTION IN HOPS

Options have been provided for the retention periods of a new round of data types.

These can be viewed in System > HOPS Config Settings > Data Retention tab.

https://www.hops.org.uk/railway_detail.php?t=2

Permission 358 is required to edit.

The HOPS-recommended periods for retention are shown in brackets, which hopefully we will be able to reach consensus on.

Each railway is required to opt-in (or open a dialogue with us if there is a reason to not do so). Note, once opted-in it is not possible to opt-out again.

This CIPD document was used for inspiration: https://www.cipd.org/uk/knowledge/factsheets/keeping-records-factsheet

- User DOB (40 years)
- User postal address (40 years)
- User telephone (7 years)
- User email (7 years)
- User emergency contact (12 months)
- User skills & background (12 months)
- User values in local fields (12 months)
- User permission (3 months)

The '40 year' retention periods on DOB and postal address are justified by the potential need to identify members of staff who may, in future, bring legal action against the company for exposure to hazardous substances etc.

The '7 year' retention periods are justified by the need to contact former members of staff in the case of a late claim by a member of the public or railway enforcement authority.

The emergency contact data has a shorter period as that is also data about another subject who is not a member of the railway's staff, so carries slightly more risk. As the person no longer works for the railway there is limited (but not zero) likelihood that the railway will need to use the data.

The 'Continuous Improvement' page has also been updated to show the railway's status, HOPS Admin > Continuous Improvement.

https://www.hops.org.uk/continuous_improvement.php

* Background

Up to now HOPS has generally been considered not old enough to be storing data for which there was no outstanding lawful basis on which to store it, but as HOPS is now over ten years old that is no longer the case.

Some data is easier than others to think about retention/deletion. Some is 'nice to have', some is required for useful analysis, and some is vital to maintain for insurance etc purposes (where the record-keeping period can be 40 years or more).

Removing old data also helps maintain best use of system-resources and avoids HOPS becoming 'bogged down'.

All data must have a lawful basis for being stored (GDPR), so we must act reasonably in how long we store data for, especially after the person to whom it applies no longer works for the organisation. All data stored in HOPS is stored on the legal basis of 'legitimate interest' - ie it's all necessary data for the client organisations to store to run their businesses - it is not stored under the legal basis of 'consent' and therefore the subject user cannot withdraw their consent.

It is legitimate for businesses to store information about their former staff for a reasonable period of time, particularly to protect the company against subsequent legal, insurance or employment claims.