Retention, Review and Disposal (RRD) Practitioner

AIM OF JOB

Assess records across key Counter Terrorism Policing (CTP) intelligence and investigations systems and independently make retain or dispose decisions. This will consider both the legislative requirements and the operational impact of RRD in connection with ongoing threat, risk or safeguarding management.

Comply with the legal obligations, in terms of the Data Protection Act 2018 (DPA 2018), General Data Protection Regulation (GDPR) and Information Management Authorised Professional Practice Guidelines (IMAPP).

MAIN DUTIES AND RESPONSIBILITIES

• Responsible for accurately conducting all scheduled and triggered reviews on the National Common Intelligence Application (NCIA) to ensure that the data held is legally compliant.
• Responsible and authorised to retain or dispose of national records, providing an accurate and legally compliant rationale which must be cognisant of interdependencies with wider legislation and national CTP risk management. 
• Balance the operational risks against compliance obligations when reviewing information and provide appropriate legally based rationale for your decisions.
• The practitioners will be expected to work at pace in order to meet changing deadlines and risks associated with the data.

Communications & Working Relationships

• Liaise with intelligence teams to obtain further contextual information to support RRD determinations.
• Work with the wider RRD Practitioner community to identify best practice and opportunities for continuous improvement.
• Engagement with the RRD Managers to escalate issues and receive feedback from assurance checks (daily/weekly).
• Highlighting requirements for re-indexation or rectification detected through RRD reviews.
• Occasional engagement with the legal department and the National Archive for transfer of any records of historic value.

RRD delivery

• Make independent RRD assessments as to whether to retain or delete records, using the National Retention Assessment Criteria (NRAC) as a framework for risk-based decision making, applying professional judgement. This should be in line with relevant legislation and guidelines including Data Protection Act 2018 (DPA 2018) and Information Management Authorised Professional Practice guidelines (IMAPP).
• Perform RRD assessments on records due for scheduled or triggered review on behalf of national CTP Intelligence and Investigations capabilities.
• Deliver the operational benefits associated with an effective RRD regime by ensuring that only relevant and necessary data is retained in the network.
• Fully understand the operational impacts in connection to CT threat, risk and safeguarding of RRD decisions; to ensure records are only disposed of if there is no longer a policing purpose or legal basis for retention.
• Maintain confidentiality in relation to data protection issues and Management of Police Information (MoPI).
• Liaise with relevant representatives of the CTP Network where necessary to obtain further contextual information to support RRD determinations.
• Review and determine that the MoPI grouping of information marked for retention is accurate in line with threat and risk posed to CTP.
• Record clear rationale for each RRD decision made to ensure that an audit trail is maintained in order for the Data Controller to be able to discharge their legal obligations.
• Identify remediation requirements (such as re-indexation) to improve information management of records and increase intelligence research effectiveness
• Raise RRD technical or non-technical issues promptly through appropriate forums or with RRD Managers to ensure quick and efficient issue resolution.