Investigation Manual

9. ECHO and record keeping 

There is an ECHO Manual on the intranet which explains various practical functions and features of the system.

All staff are responsible for complaint information security (see the Information Security Policy). 

9.1. Using the correct contact details 

ECHO should be used for all casework correspondence, using drop down lists and templates where available, to ensure correct addresses are used. Investigators should reassure themselves they are using the correct contact details, especially before using them for the first time. If the complainant is a user of the Online Complaints Service (OCS) and submitted their complaint via it, they must be advised to update their own details by logging in to their personal account. Non-OCS complaints can still be updated manually via ECHO.If at any stage the complainant reports they have not received correspondence, recheck the address with them before resending.

If at any stage the complainant reports they have not received correspondence, recheck the address with them before resending.

9.2. ECHO is the primary record

ECHO is the primary record for all complaints. 

  • Investigators must include all material which may be relevant to our decision making in the ECHO record. There is an upload limit of 20MB so very large files may need to be split. Where this is not possible, see Non-ECHO records.
  • However, we should be careful not to hold information we do not need. We often receive large volumes of incidental, unsolicited and irrelevant material. This should not be added to the ECHO record. The presumption is that it should be deleted or destroyed in line with the clear messages on our website and in our literature. We should return original material if requested or it has obvious value as a record or otherwise for the sender.
  • Intake transfer all casework documentation onto ECHO on receipt in the office, including CDs and other media where possible. The originals will be kept for 12 weeks in case the scanned copy is incomplete or illegible. To ensure the record is complete until destroyed, maintain its security and minimise the demands on Intake, access to the archive or hard copies will not be provided without agreement from the Assistant Ombudsman. If a mis-scan is suspected, Intake will check the ECHO record against the archive and re-scan as necessary. Any continuing problems should be discussed with the Assistant Ombudsman.
  • Where the material cannot be saved in ECHO (such as large plans), Intake will place a note in Notes & Analysis to state that other material is available. The allocated Investigator must then task Intake for it to be sent on. The Investigator must then ensure it is kept securely and log its new location on Notes & Analysis. 
  • When dealing with multiple complaints or BinJs, care needs to be taken to ensure relevant material is copied to all relevant records. 
  • Documents should be sent from ECHO, normally as pdfs. For users of text to voice software (which do not generally read pdfs), there is an option of not sending attachments in pdf format. 
  • Material which is received encrypted must be saved in ECHO in unencrypted form. 
  • Messages received via the Online Complaint Service (OCS) will be automatically added to the ECHO record. You will receive a task to inform you when that happens. Case emails received outside of the OCS should be moved into the ECHO record at the earliest opportunity. (See also the DO NOT DISCLOSE virtual folder.) 
  • Where a Coinweb email is opened by someone other than the case owner (for example, when it has been sent to multiple recipients), the first person to open it should move it to the case and set a task for the case owner (and others if they consider this appropriate). The email is automatically deleted from all inboxes as soon as it is moved. 
  • Key documents in ECHO should be clearly named: the document name must begin with the date (yy mm dd) and it must clearly explain the contents
  • It is important we gather useful data about BinJ performance. So examples of good or poor practice, failure to meet our time targets or failure to properly respond to enquiries should be recorded on the BinJ information screen. 

9.3.  Notes & Analysis

ECHO’s Notes & Analysis is its heart and will normally be the first information on the complaint the Investigator will consider. It should be used for all internal communications, including to note initial and other telephone calls, and external information (legislation, guidance, policies, etc) used to reach a decision. It should also be used to record developing thinking, if this is not otherwise clear. Notes & Analysis is part of the formal record of the complaint.

The time, date and substance of all telephone calls should be recorded in Notes & Analysis, including a note that we have checked if the complainant or representative requires reasonable adjustments to communicate with us. If a call is not made, the reasons should be recorded.

Notes & Analysis, together with significant correspondence such as enquiry letters, draft decisions and accompanying letters, should show the Investigator’s developing thinking about the complaint, including the nature and level of any remedy. Notes & Analysis need not repeat issues which are clearly addressed elsewhere.

Further guidance about the content of Notes & Analysis can be found here.

9.4.     ECHO virtual folders

Guidance on virtual folders, including what should be stored in the Decision and PDR folder, is contained here. 

9.5. The DO NOT DISCLOSE virtual folder and redaction

The DO NOT DISCLOSE virtual folder warns staff not to pass on documents stored in the folder without considering the Data Protection Act and other responsibilities (see Policy on Access to information). It is the Investigator’s responsibility to ensure all relevant information is saved, at the earliest opportunity, to the DO NOT DISCLOSE virtual folder, with DO NOT DISCLOSE in the record’s title. The following must be stored in this way:

  • Sensitive casework information. Sensitive casework information is described in the Information Security Policy 
  • Information which includes the personal data of others.
  • Privileged legal advice (including Assignment Requests and requests for ‘15 minute advice’ (see Legal Advice)).
  • Information accepted in confidence or with a s32(3) notice. We should not encourage or routinely accept the provision of information in confidence. See Openness and confidentiality, which explains our approach.
  • Notes & Analysis should contain the reason for saving the information to the virtual folder. 

To minimise the risk of data protection incidents, any entry in Notes & Analysis which contains information that should not be disclosed to the complainant, representative or BinJ, should be clearly marked before in red: DO NOT DISCLOSE THE FOLLOWING INFORMATION TO THE COMPLAINANT/REPRESENTATIVE/BINJ.  At the end of the information, it should be marked in red: END OF DO NOT DISCLOSE INFORMATION. The top of the first page of Notes & Analysis should also be marked in red that it contains information which should not be disclosed. 

When passing on information, care needs to be taken to redact material which should remain confidential. While we have made it clear to BinJs we see the redaction of their own material as their responsibility, as we will be sending it out we remain ultimately responsible for its content. Nuance software must be used for this purpose (see the guidance on how to use Nuance here). A copy of the unredacted document(s) must be retained in the DO NOT DISCLOSE folder. The redacted copy should be kept on the main record, with ‘redacted’ included in the file name.

Investigators should ask a Team Coordinator if they need help with sorting and redacting large volumes of unsorted material sent in by BinJs. But the Investigator must make the final check that all material that should not be disclosed has been secured.

9.6. Non-ECHO records

Where casework material cannot be saved to ECHO, it may be kept in K:\casework with a note saying why (for large computer files such as videos), or separately and securely in a locked cupboard (for example CDs). In all cases details should be included in Notes & Analysis.

  • When creating a folder in K:\casework Investigators must:
    • name the folder - ‘[case ref, no spaces] - [Complainant surname]- [Team] - [Investigator]’. For example ‘20010154 - Bloggs – IT2- John Doe – Open case’ for a complaint by Ms Bloggs investigated John Doe who works in IT2. 
    • The Investigator should set a task for their TC ‘Destroy K drive files’ for 12 months from the day they created the K drive folder.
    • If the case moves to a new owner the new owner must reallocate the task to their team’s TC.
    • Once the complaint is closed the Investigator must -
      • Change the date of the task to 12 months from the closure date and 
      • Remove ‘Open case’ from the K drive folder name and add ‘Destroy [month] [year]’ to the name of the folder. So in the example above this would now read ‘20010154 - Bloggs – IT2- John Doe - Destroy April 25’
    • When the task comes up the TC should check ECHO to see if the file management is later than 12 months after the closure date. If so, they should adjust the date of the task and the folder name accordingly. 
  • Investigators may create paper document files where this aids decision making. But the Investigator is responsible for safe storage, and for destroying all paper records when they close the case. The creation of a paper file, and its destruction, must be recorded in Notes & Analysis.
  • When, exceptionally, hard copy files are taken off site they must be kept secure and logged in and out of the office using the Document Tracking screen in ECHO. A line manager’s permission must be obtained before removing paper casework material containing sensitive casework information (see the Information Security Policy). Originals must not be removed from the office.
  • Similarly, if we need post sensitive casework information (for example to accompany a draft decision) we must use special delivery. Further information can be found in the Information Security Policy.
LGO logogram

Review your privacy settings

Required cookies

These cookies enable the website to function properly. You can only disable these by changing your browser preferences, but this will affect how the website performs.

View required cookies

Analytical cookies

Google Analytics cookies help us improve the performance of the website by understanding how visitors use the site.
We recommend you set these 'ON'.

View analytical cookies

In using Google Analytics, we do not collect or store personal information that could identify you (for example your name or address). We do not allow Google to use or share our analytics data. Google has developed a tool to help you opt out of Google Analytics cookies.

Privacy settings