Skip to main content

Supporting Guidance Standard 3.5

Health and Care Standards

Supporting Guidance

Standard 3.5 Record Keeping


What is the Standard about?

This standard covers all records within any organisation, department, or practice, in both non clinical and clinical settings.  Records management is concerned with having a systematic and planned approach to the management of all records and to ensure that the record supports safe, high quality care, supports future patient care and provides the mechanism for communication between health professionals.  The data within the record must be fit for purpose.  The organisation or service must ensure that from the moment any record is created until its final disposal, that there is control over the quality and quantity of information it generates.  A record must contain information which is adequate to its purpose but at the same time should not contain information which is not relevant to the purpose for which it is kept for.  When information is no longer required there should be mechanisms to dispose of the information securely and efficiently.


Who is it for?

All health professionals, services and users in healthcare settings

In relation to the standard criteria (in bold) the following key questions need to be considered

Paper and electronic clinical record quality is improved through adoption of the Academy of Medical Royal Colleges standards for the clinical structure and content of patient records.

  • Is your paper to electronic record design commensurate with all records management standards and legislative requirements?
  • How do you ensure that the key data relating to core transactions of healthcare are recorded accurately and accessible to the patient and healthcare professional?
  • Is there evidence that the organisation has processes in place to constantly improve the recording of the NHS number; including monitoring key performance indicators

Clear accountability for record keeping supports effective clinical judgements and decisions.

  • What is the committee structure for reporting on records management within the organisation?
  • Does your have nominated Information Asset Owners, and a Senior Information Risk Owner?
  • Does your organisation keep information asset registers and undertake information risk assessments and ensure these feed in to the organisation’s main risk register as appropriate?
  • What safeguards are in place for paper and electronic records to ensure business continuity or disaster recovery?
  • Have business continuity plans been fully tested?
  • How do you meet the Caldicott and Data Protection Act principles?
  • Do all staff understand their role and responsibility for records and record keeping and know where to seek professional guidance?
  • How do you gain assurance that staff receive training on records and record keeping commensurate to their role? What follow up is there for staff who miss training?
  • Do all staff understand the need for safe record keeping?
  • What follow up arrangements are in place for staff who make significant errors in record keeping?
  • Does each account in the record have a diagnosis / treatment plan / decision recorded?

There is effective communication and sharing of information between members of the multi-professional healthcare team and the patient.

  • How do you ensure all records are accurate?
  • How do you ensure all records are complete?
  • How do you ensure all records are understandable?
  • Are patient information leaflets regularly reviewed and contain the most up to date information
  • Are clinical letters routinely shared with the patient and contain layman’s terms to aid their understanding?

Record keeping supports clinical audit, research, allocation of resources and performance planning.

  • Is there standardisation of documentation to ensure clinical data is captured accurately and accessible?
  • Is the data fit for purpose and how is this measured?
  • Is consent and governance properly addressed to allow for audit and research?

Evidence shows how decisions relating to patient care were made.

  • Do you audit the quality of the record and implement improvements?

Identification of risks enables early detection of complications.

  • How do you identify and mitigate against risk in respect of this standard?
  • A number of formal clinical risk assessments are undertaken during the patient interaction with the healthcare provider e.g. on admission, is there evidence that these risk assessments are being comprehensively completed and are individual to the patient.

Record keeping supports the delivery of services, patient care and communications.

  • How does your organisation support the use of anonymised information using recognised standards?
  • Is clinical research supported by using confidential methods for selecting clinical trials candidates using patient records?

Records are designed, prepared, reviewed and accessible to meet the required needs.

  • Has there been an audit identifying whether the structure of the paper record meets the standards set by the organisations e.g. filed correctly?
  • Where specific templates have been designed to capture clinical information, is there evidence these have been reviewed within the last 2 years?
  • Does the organisation have a governance structure in place to ensure corporate acceptance of templates and clinical documents?

Records are stored securely, maintained, are retrievable in a timely manner and disposed of appropriately.

  • How do you ensure that all records are stored securely?
  • Are security controls deployed which are proportionate to the sensitivity of the information?
  • Are there physical access controls in place for buildings, storage areas and rooms within buildings?
  • Are security procedures regularly reviewed and their effectiveness monitored?
  • How do you ensure that all records are retrievable in a timely manner?
  • How do you ensure that all records are accessed legitimately?
  • How do you monitor who has accessed records?
  • Has the organisation established appropriate confidentiality audit procedures to monitor access to person identifiable information?
  • How do you ensure that all records are disposed of appropriately?
  • Who provides authorisation for the destruction or permanent preservation of records?
  • Do you get certificates of destruction for personal information?
  • Do you have Data Protection Act compliant contracts in place with any data processors, such as storage, scanning or shredding companies?

Records are accurate, up-to-date, complete, understandable and contemporaneous in accordance with professional standards and guidance; and shared when appropriate.

  • How do you ensure that all records are fit for the purpose in which they are designated for?
  • How do you ensure that records created are reviewed when necessary?
  • How do you ensure that records are accessible to those that require access?
  • Do you audit your records management systems and implement improvements?
  • Do you have clear arrangements for managing all records?
  • Do you have a comprehensive records management policy which:
  • includes clear guidelines on :
    • the storage of records?
    • the process for records creation?
    • staff training in record keeping?
    • formal procedures for closure, disposal and retention of records?
  • Do you have clear arrangements for monitoring records and record keeping activities?
  • Does your organisation have a policy and established procedures in place to ensure the security of paper and electronic records in transit?
  • Is your paper to electronic record design commensurate with all records management standards and legislative requirements?

People’s personal records are regularly updated and available to them.  To ensure confidentiality, they are kept secure and comply with the Data Protection Act 1998.

  • Is compliance with the Data Protection Act 1998 Subject Access requirements monitored and reported?
  • Do you have a policy on dealing with requests for records under the Data Protection Act 1998 or the Freedom of Information Act 2000 and Environmental Information Regulations 2004?

Care, treatment and decision making is supported by structured, accurate and accessible patient records documenting the conversations between people and health professionals and the resulting decisions and actions taken and reflects best practice founded on the evidence base.

  • Do you have evidence of clinical audit being undertaken routinely within each specialty with regard to record keeping and actions taken to correct any non-compliance?


Legislation and Guidance




Good Practice Guides


Useful Contacts