Edinburgh Records Retention & Information Law

General Governance and Administration Scotland 3 Minutes Read ยท published February 12, 2026 Flag of Scotland

This guide explains record retention schedules and information management requirements for public bodies in Edinburgh, Scotland, and how organisations should classify, retain and dispose of records lawfully. It summarises the City of Edinburgh Council approach to records governance, routes for requests and complaints, key time limits and practical steps for compliance, and points you to the official council pages and forms for making information requests or data subject access requests.

Scope & Legal Basis

City record retention and information-management policy sits within the Council's information governance framework and is implemented alongside Freedom of Information and data protection obligations. Where the Council publishes retention schedules or guidance, the Information Governance team administers retention, access and secure disposal. For the Council's official guidance see the information governance page City of Edinburgh Council information governance[1] and the Freedom of Information guidance Freedom of Information and FOISA[2].

Records Classification & Retention Schedules

Council records are typically classified by business function and assigned retention periods in an official retention schedule. Departments must follow the schedule when retaining, transferring or destroying records and must record disposal actions in audit logs. Key practical steps include creating an inventory, assigning retention codes and scheduling regular reviews.

  • Inventory records by function and format (paper, digital, email).
  • Apply retention codes from the Council schedule and set review dates.
  • Use secure disposal methods for confidential records and keep disposal logs.
Retention schedules must balance operational need, legal obligations and privacy rights.

Penalties & Enforcement

Specific fines or statutory penalties for failing to follow internal retention schedules are not listed on the Council pages; enforcement most commonly occurs through regulatory action, internal disciplinary processes or complaint escalation to oversight bodies. Details on statutory appeals and timescales for information requests are set out under the Council FOI guidance Freedom of Information and FOISA[2].

  • Fine amounts: not specified on the cited page.
  • Escalation for repeat or continuing breaches: not specified on the cited page.
  • Non-monetary sanctions: internal orders, mandatory corrective actions, data removal, suspension of access, referral to regulators or court action.
  • Enforcer: Information Governance team, Legal Services and the Council's Data Protection Officer; external oversight may include the Scottish Information Commissioner or UK Information Commissioner where relevant.
  • Inspections and complaints: raise service-specific complaints with the Council or use the FOI complaints route then escalation to the Commissioner; see official FOI guidance for complaint steps and time limits Freedom of Information and FOISA[2].
  • Appeals and review: statutory FOI complaint/appeal routes are described on the Council FOI page; statutory response time for FOI requests is stated on the Council page as applicable under FOISA.
Where fines or specific penalties are needed, the cited pages refer to regulatory escalation rather than fixed municipal fines.

Applications & Forms

Common official actions:

  • Freedom of Information requests (FOI/FOISA): use the Council's FOI request process; see the Council FOI guidance for how to submit and for any online forms or portals Freedom of Information and FOISA[2].
  • Data Subject Access Requests (SARs): refer to the Council's data protection pages for submission method, identity verification and any fee information; if a specific SAR form is required it is published on the Council pages.
If no published form exists, submit a written request specifying what records you want and your contact details.

FAQ

Who is responsible for records retention at the City of Edinburgh Council?
The Information Governance team, with Legal Services and departmental records officers, manage retention and disposal policies.
How long does the Council keep records?
Retention periods vary by record type and business need; consult the Council retention schedule or contact Information Governance for specific retention periods.
How do I appeal if my FOI request is refused?
Use the Council's internal review process and, if not satisfied, escalate to the Scottish Information Commissioner as set out on the Council FOI guidance.

How-To

  1. Identify the records and business function to which each record belongs.
  2. Consult the Council retention schedule or contact Information Governance to assign a retention code.
  3. Apply secure storage and set automated or manual review dates according to the retention period.
  4. When the retention period expires, record disposal in an audit log and destroy records securely.
  5. Maintain a current inventory and review schedules annually or when business processes change.

Key Takeaways

  • Follow official retention schedules and document disposal actions.
  • Use the Information Governance team for guidance and to resolve disputes.
  • Escalate FOI complaints via the Council then to the Scottish Information Commissioner if unresolved.

Help and Support / Resources

  1. [1] City of Edinburgh Council information governance
  2. [2] Freedom of Information and FOISA - City of Edinburgh Council

Categories

General Governance and Administration Public Safety Public Health and Welfare Land Use and Zoning Housing and Building Standards Transportation Environmental Protection Parks and Public Spaces Business and Consumer Protection Taxation and Finance Labor and Employment Education Civil Rights and Equity Elections and Campaign Finance Events and Special Uses Signs and Advertising Utilities and Infrastructure Technology and Data