Manage your information and records

Updated on 20 February 2024

Guidance on creating, storing, using, sharing, archiving, and deleting the records that you produce.

On this page

This guide covers how to effectively manage your information and records.

This will help you to: 

  • find the files you need
  • avoid accumulating folders and folders of information
  • avoid sharing information with people who shouldn’t see it
  • be compliant with information legislation and reduce risk to the University


Records move through different phases. At each stage, there are questions you should ask and actions you can take. This ensures you are following best practices. 

The diagram shows the six stages of file management. They are: Create, Store, Use, Share, Archive, and Delete.


When you create records here are some key things to keep in mind:

  • Use University managed devices
  • Use approved software, particularly if processing personal information
  • Be consistent with naming conventions for files or folders 
  • Think about how long you might want to keep things (retention)
  • Make sure only people who need to can access your records

What is personal information

Personal information is information relating to any identifiable individual. If you are creating and storing this, you should make sure you are complying with data protection legislation. 

You should only collect, keep, and share necessary information. You should also be transparent about what you are doing. 

For more information on Data protection

Naming conventions 

When creating files or folders or any kind of record, you should make sure it is easy to understand what is in the folder. It is a good idea to agree on a consistent approach across your department or unit. Consider the following:

  • Files should be named consistently
  • File names should be short but descriptive (<25 characters)
  • Avoid special characters (" # % * : < > ? / \ |) or spaces in a file name – spaces become "%20" in hyperlinks
  • Use capitals and underscores instead of spaces or slashes
  • If you are including a date use the date format: YYYYMMDD 
  • If you are including a version number be consistent


You should store your records on university systems in the appropriate place.

For example: 

  • OneDrive for personal files
  • Teams for collaborative working
  • SharePoint for storing and saving documents in a Library

If something is confidential, you can flag it as that either in the file name or by using the tools in SharePoint. 

For more information about which data might be sensitive or confidential and where to store it see the classification scheme


Make sure that you share information securely. 

Top tips:

  • Ensure access to your folders is controlled and that you know who can view them.
  • If you are sharing links, double-check you are sharing with the correct person.
  • If you are sharing documents via email that contain confidential or personal information, password-protect them. You should then send the password in a separate email. 
  • Always check the name of the person you are emailing
  • If forwarding emails make sure there is nothing in the trail that shouldn’t be forwarded

What to do if you share something in error

If you have sent an email to the wrong person using your University email, you can Recall or replace a sent email in Outlook. 

If you have accidentally shared confidential or personal information, you must contact Information Governance.

Archiving and deleting

The University follows retention policies created for Higher Education by JISC.

You should only keep things for as long as is necessary. Our general guidance on retention of records covers how long you should keep records. If you are unsure about deleting something, check with your line manager or Information Governance.

It's a good idea to schedule a morning each month to go through your folders. Delete anything that's no longer needed.

If you think your information might be historically significant contact the University Archives