Checklist: How to avoid an accidental breach when personal information is ‘hidden’ in documents
Due to the Data (Use and Access) Act coming into law on 19 June 2025, this guidance is under review and may be subject to change. The Plans for new and updated guidance page will tell you about which guidance will be updated and when this will happen.
You are responsible for complying with your obligations under the UK GDPR and Data Protection Act 2018 (DPA 2018) and, where relevant, other information rights legislation, including the Freedom of Information Act 2000 (FOIA). Whilst we make every effort to make sure this guidance is accurate at the time of publication (31 July 2025), we make no guarantees or representations that it will remain up-to-date or ensure compliance. Where appropriate, seek further guidance or advice before disclosing information in the specific circumstances. If you would like to suggest improvements to this guidance, please leave us feedback.
Steps you must take:
☐ We have appropriate data protection policies and procedures to help staff disclose documents securely and respond to breaches effectively.
☐ We keep personal information secure using appropriate methods (eg passwords and secure redaction techniques) (see also redaction checklist below).
☐ We comply with relevant obligations under information access and data protection legislation, if we need to remove personal information from a document or consider an appropriate format in which to disclose it.
Steps you should take:
☐ We give staff appropriate data protection training about disclosing documents securely and how to report breaches, including induction and regular refresher training.
☐ We check documents appropriately before disclosing them, considering the circumstances, including the risk of harm if personal information was accidentally disclosed.
☐ We know how to remove personal information that we cannot disclose and how to redact it effectively (see also redaction checklist).
☐ We avoid using ineffective techniques to keep personal information secure. For example, we don’t:
- change the font colour to be the same as the background;
- cover information with objects; or
- format text to make it invisible.
Steps you could take:
☐ We raise awareness in our organisation about the risks of accidentally disclosing documents containing hidden personal information.
☐ We use software functions, where available, to help us search for text that is the same colour as the background (eg the ‘Find and Replace’ text function in Microsoft Word and Excel).
☐ We use software tools (eg Document Inspector in Microsoft software), where available, that are designed to help us find (and remove where possible and appropriate) various types of personal information in documents. For example, Document Inspector can help us find:
- information formatted as invisible;
- metadata (eg document properties, email routing information and EXIF (Exchangeable image file format) information in image files);
- embedded files and objects; and
- any ‘markup’ (eg comments, ink annotations and tracked changes).
☐ If we want to retain a picture of an embedded object (eg chart) but remove underlying information, we consider whether it is an option to copy and paste the picture of the object only into a new document (eg the ‘Paste Special’ feature in Microsoft software).
☐ We convert complex documents to simpler formats (eg txt or csv files), where appropriate, to reveal all the displayable information in the document.
☐ We check the file size is not larger than we would expect for the volume of information we intend to disclose.
☐ We use a retention schedule to help us identify when to remove or delete personal information permanently.
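As an added example (not part of the ICO checklist), the following stdlib-only Python script applies several of the checks above to a .docx before disclosure: it looks for text formatted as hidden, text coloured the same as the page background, comments and tracked changes, embedded objects, and author metadata. It assumes a white page background (FFFFFF) and scans a minimal constructed sample document rather than a real file.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

W = "{http://schemas.openxmlformats.org/wordprocessingml/2006/main}"
DC = "{http://purl.org/dc/elements/1.1/}"

def scan_docx(data: bytes) -> dict:
    """Return findings for one .docx (a zip of XML parts), keyed by type."""
    f = {"hidden": [], "same_colour": [], "markup": [], "embedded": [], "metadata": []}
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = z.namelist()
        body = ET.fromstring(z.read("word/document.xml"))
        for run in body.iter(W + "r"):
            rpr = run.find(W + "rPr")
            text = "".join(t.text or "" for t in run.iter(W + "t"))
            if rpr is None or not text.strip():
                continue
            if rpr.find(W + "vanish") is not None:  # Word's 'hidden' font effect
                f["hidden"].append(text)
            col = rpr.find(W + "color")
            if col is not None and col.get(W + "val", "").upper() == "FFFFFF":  # assumes white page
                f["same_colour"].append(text)
        if body.find(".//" + W + "ins") is not None or body.find(".//" + W + "del") is not None:
            f["markup"].append("tracked changes")
        if "word/comments.xml" in names:
            f["markup"].append("comments")
        f["embedded"] = [n for n in names if n.startswith("word/embeddings/")]
        if "docProps/core.xml" in names:
            el = ET.fromstring(z.read("docProps/core.xml")).find(".//" + DC + "creator")
            if el is not None and el.text:
                f["metadata"].append("creator=" + el.text)
    return f

def build_sample() -> bytes:
    """Constructed minimal .docx (not openable in Word): hidden run, white run, comments, author."""
    doc = (f'<w:document xmlns:w="{W[1:-1]}"><w:body><w:p>'
           '<w:r><w:t>Visible text</w:t></w:r>'
           '<w:r><w:rPr><w:vanish/></w:rPr><w:t>Hidden: J. Smith</w:t></w:r>'
           '<w:r><w:rPr><w:color w:val="FFFFFF"/></w:rPr><w:t>White: NI number</w:t></w:r>'
           '</w:p></w:body></w:document>')
    core = ('<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties"'
            f' xmlns:dc="{DC[1:-1]}"><dc:creator>case.worker</dc:creator></cp:coreProperties>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", doc)
        z.writestr("word/comments.xml", f'<w:comments xmlns:w="{W[1:-1]}"/>')
        z.writestr("docProps/core.xml", core)
    return buf.getvalue()
```

Any non-empty list in the result is a reason to stop and review the document before it is disclosed; for shaded pages, change the assumed background colour accordingly.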