Archiving Documents: What You Can (and Can’t) Shred

When storage space runs low or you're planning a digital archive, it can be tempting to start shredding older files. But in highly regulated industries — like legal, finance, healthcare and local government — getting rid of documents too soon can land you in hot water.

At MDSS, we work with organisations across the UK to help them store, scan and securely destroy files in line with data protection laws and industry-specific retention rules. Here’s our guide to what you can and can’t shred — and how to archive smarter.

What You Can Shred

Let’s start with the files you can confidently dispose of — but only when you’ve followed the correct process.

1. Documents that have exceeded their retention period

Every document type has a retention schedule. For example:

• Patient records (minimum 8–25 years depending on the record)

• Financial records (typically 6 years)

• Employee records (usually 6 years after departure)

Once a document reaches the end of its retention period and is not subject to ongoing legal or audit requirements, it can be securely destroyed.

2. Duplicate records

If the original is being securely stored or has been digitised and backed up, then paper duplicates can usually go. Just make sure you’ve captured everything correctly before destroying the paper.

3. Outdated drafts or versions

Earlier drafts of contracts, proposals or internal documentation — as long as there’s a final, signed or approved version stored safely — can usually be destroyed.

What You Can’t Shred (Yet)

Not everything is safe to shred, and some files must be kept much longer than you might think.

1. Anything still within its retention period

Even if you haven’t looked at a file in years, it may still need to be stored. Retention rules are based on document type, not how often it’s used.

2. Records related to active or pending investigations

If your organisation is undergoing an internal investigation, audit or legal process, destroying related documents can breach compliance and obstruct justice.

3. Documents containing long-term contractual obligations

If a contract includes clauses with long-tail risk (e.g. warranties, liabilities), those documents often need to be retained well beyond the initial term.

4. Files containing sensitive personal data without backup

Sensitive data (e.g. medical information, ID documents, financial details) must be handled with extreme care. Never shred unless:

• You’re 100% sure the file is no longer required

• It’s been backed up or stored according to your policy

• The destruction is carried out securely, with certification

How to Archive Smarter

It’s not just about what to keep or shred — it’s about how you manage the whole lifecycle of your records.

1. Use a centralised archive register

Know what you hold, where it’s stored, and when each item is due for review.

2. Digitise where possible

Digital archives (done properly) make it easier to track retention, limit access, and avoid losing critical information.

3. Tag every document with a review date

This helps you stay ahead of compliance, avoid over-retention, and plan periodic clear-outs.

4. Work with a professional document management provider

   
   

At MDSS, we offer secure storage, retention scheduling, and confidential destruction with full compliance, including scanned certificates of destruction for your audit trail.

Need Help Deciding What to Shred?

Whether you’re sitting on a backlog of archive boxes or reviewing your document management process for compliance, we can help. From record audits to end-of-life destruction, we make sure your storage is efficient, secure, and fully compliant with UK GDPR, FOI and sector-specific guidelines.

Get in touch with our team today for practical advice and no-obligation support.