
Veterinary practice: destroying patient and owner data safely

A veterinary practice thinks mostly about animals, but behind the scenes it processes plenty of owners' personal data. A patient file is about a dog or cat, but it is in the owner's name, with address, phone number, payment details and often a complete treatment history. That makes the file fall under the GDPR just as a doctor's file falls under medical privacy rules.

This article explains which data a veterinary practice processes, how long you keep what, and how to destroy old files and data carriers safely and GDPR-proof. We set out the retention periods for you in a clear table, so you see at a glance what can go and what you must keep.

Which data does a veterinary practice hold?

  • Patient files with animal data, owner data and treatment history.
  • Prescriptions and lab results with names and medication.
  • Payment and invoice data of the owners.
  • Chip and registration data linked to the owner.
  • Personnel files of assistants and vets.
  • Correspondence about euthanasia, referrals or complaints.

Retention periods in a table

The GDPR requires storage limitation, so you keep nothing longer than needed. The table below gives a practical guideline per document type.

Document | Retention period | Note
Financial records and invoices | 7 years | Tax retention obligation
Patient file (active) | While patient is in care | Owner data linked
Patient file (after last contact) | No longer than needed | Clean up periodically
Prescriptions and lab results | As per practice policy | Contains medication data
Personnel files | Up to 2 years after leaving | Payroll data partly 7 years

A general overview per document type is in the retention periods cheatsheet. If in doubt about a specific item, follow the rule that you keep it as long as you reasonably need it.

Owner data is personal data

The core of the GDPR for a veterinary practice is that the animal may be the patient, but the owner is the person behind the file. Name, address, phone number and payment details are personal data. A file recording that an animal was euthanised also touches a sensitive moment for the owner. So handle those documents with the same care you would expect from your own doctor. How this fits the wider GDPR picture for SMEs is in GDPR requirements for SMEs.

What the GDPR specifically requires

Two articles of the GDPR matter directly for a veterinary practice. Article 5 is about storage limitation: you do not keep personal data longer than needed for the purpose you collected it for. A file of a patient last seen years ago therefore falls outside that limit. Article 32 requires appropriate technical and organisational measures to protect that data. That duty runs until a document is destroyed beyond legibility.

If a stack of files ends up unshredded with the waste paper, that is a data breach. You report a serious data breach to the data protection authority within 72 hours. Structural negligence can lead to a fine. For a practice the solution is simple: a fixed destruction route prevents the whole scenario.

Paper and digital: clear out both

Most practices work with a practice management system, but alongside it paper remains: think of old paper cards, printed lab results and invoices. Clear out both. Delete digital files you no longer need under your retention policy and destroy the paper confidentially. Are you replacing an old server or computer? It often holds years of files. Hand over the data carrier for physical destruction, because deleting a file does not really remove the data (see data destruction). If you work with a cloud practice management system, check whether there is a processing agreement, because you remain responsible for the owners' data. If you occasionally export a list to a spreadsheet, delete that export as soon as you no longer need it.

Which DIN level do you need?

How finely paper must be shredded is set out in levels by the DIN 66399 standard. For a veterinary practice, these are the levels that mainly matter:

Level | Particle size | Suitable for
P-2 | Strips | General print without data
P-4 | Small particles | Patient files, invoices, prescriptions
P-5 | Very small particles | Especially sensitive documents such as ID copies

For ordinary practice documents P-4 is the workable minimum. For especially sensitive documents, such as a copy of an owner's ID, P-5 is indicated. A cheap office shredder rarely reaches that high level; professional destruction does.

Destroy safely, not with the waste paper

A patient file with a name, address and treatment history does not belong in the paper container behind the practice. Such a container sometimes stands on the street for days and is accessible to anyone. For loose documents a good shredder is enough, but when clearing out a whole archive or during a move, having it collected is faster and safer. You then get a certificate as proof. The general approach is described in "destroying confidential documents", and the costs in "what does archive destruction cost".

The proof: certificate of destruction

After a collection you receive a certificate of destruction with the date, quantity and DIN level. For a practice working with sensitive files that is valuable proof towards an owner asking what happened to their data, or towards a supervisor. Keep the certificate for at least five years in your GDPR file, together with the serial numbers of any destroyed data carriers.

What if it goes wrong? A data breach at a practice

Imagine that during a renovation a box of old patient files accidentally ends up with the waste paper instead of with the material set aside for destruction. It holds names, addresses and treatment history of hundreds of owners. That is a data breach, even though it was a mistake. You assess whether it poses a risk to the people involved and report it within 72 hours to the data protection authority where needed.

With a fixed procedure such a mistake is almost ruled out. A locked bin for paper to be destroyed and a clear agreement about what goes where prevent a box ending up on the wrong pile.

A real-world example

Imagine two veterinary practices merging into a larger clinic. The active files move to the joint system, but in the old practice there are still cabinets full of paper files of patients who have not come for years. Moving those makes no sense. Putting them with the waste paper is a data breach. The practice has the expired files destroyed confidentially in one go, with a certificate. That way the new clinic starts with clean, GDPR-proof records. The same happens when a practice closes, where the files may not simply be left with the previous owner but must be handled carefully.

Sensitive moments in a file

Not every item in a patient file is neutral. Correspondence about euthanasia, a second opinion or a complaint touches an emotional moment for the owner. It is precisely those documents that should not end up out in the open in a paper bin. Treat them with the same discretion as the rest of the file and destroy them confidentially once the retention period has passed. That is not only a GDPR requirement but also a matter of respect towards the owner who entrusted their pet to you.

Destroy yourself or have it collected?

For a few files a month a shredder in the practice is enough, provided it shreds finely enough. But as soon as you clear out a whole archive, for example during a move or after switching to a digital system, such a device jams quickly. Then having it collected is more practical and safer. A certified party collects the boxes, destroys them to the right DIN level and gives you a certificate. Data carriers such as old hard drives can come along in the same collection, each destroyed to its own level.

Costs and process: what can you expect?

Having it destroyed is no big expense for a practice. You pay a fixed price per box or roll container, known in advance, with no surprises afterwards. Within 20 km of Amsterdam we charge no call-out fee. The process is short. You tell us how much material you have, plan a collection that fits the practice schedule and we collect it at your location. After that everything is destroyed to the agreed DIN level and recycled, with a certificate within a few working days. Data carriers such as old hard drives can come along in the same collection.

Arranged in 4 steps

  1. Take stock. See which paper files and data carriers with personal data can go.
  2. Separate keep from destroy. Keep the financial records for 7 years and clear out expired files.
  3. Destroy confidentially to a high DIN level: a few files yourself, a full archive via a collection.
  4. Keep the certificate in your GDPR file as proof.

What does an owner expect?

An owner entrusts their pet and their data to you. As with their own doctor, they assume that information is safe and does not just end up somewhere. A visibly tidy desk without files lying around and a clear approach to old data strengthen that trust. It takes little effort, but shows that your practice handles privacy professionally. That counts, because precisely around a sick or deceased pet people are extra sensitive to how carefully you handle their situation.

Periodic or one-off collection?

Do you have a one-off clear-out, for example after switching to a fully digital patient system or during a move? Then a one-off collection of the old paper archive is enough. If paper keeps coming in, such as printed lab results and invoices, a fixed frequency is handier. You then place a locked bin that is emptied periodically, for example each quarter. That way the practice stays in order by itself without anyone having to think about it much.

Practical tips for the practice

  • Place a locked bin at the desk and in the treatment room, not an open waste bin for paper with data.
  • Tie the clear-out to the year-end, so expired files do not linger.
  • Make the team responsible, so assistants and trainees also know where sensitive paper goes.
  • Keep the certificates together, so you can show something immediately if an owner or auditor asks.
  • Hand over data carriers in the same collection, so old hard drives and USB sticks disappear safely too.

Common mistakes

  • Files with the waste paper. With owner data and treatment history that is a data breach.
  • Keeping everything indefinitely. Keeping too long itself conflicts with the GDPR's storage limitation.
  • Only thinking of paper. The old practice server holds files just as much.
  • Keeping no proof. Without a certificate you cannot show careful destruction.

Clearing out, moving or merging the practice archive?

We collect your old patient files, invoices and data carriers and destroy them confidentially, with a certificate. No call-out charge within 20 km of Amsterdam.

Frequently asked questions

Do animal patient files fall under the GDPR?

The file is about an animal, but is linked to the owner with name, address and payment details. That means it contains personal data covered by the GDPR.

How long does a veterinary practice keep data?

Financial records for 7 years; patient files as long as they are needed for treatment and after that no longer than necessary. Certain documents have their own period.

Can I bin old files with the waste paper?

No. Files with owner data and treatment history should be destroyed confidentially, not in an open paper container.

What do I do when the practice is taken over or closes?

Transfer active files carefully and have expired files destroyed confidentially with a certificate as proof.

Which DIN level is needed for patient files?

For ordinary practice documents DIN 66399 P-4 is the workable minimum. For especially sensitive documents such as ID copies P-5 is indicated.

Must I report a data breach from binned files?

If lost data poses a risk to the people involved, you report the data breach within 72 hours to the data protection authority. A fixed destruction route prevents such incidents.

Conclusion

A veterinary practice processes more personal data than the focus on animals suggests. Patient files are in the owner's name and hold sensitive information, from payment details to euthanasia. Keep what is needed within the periods, clean out the rest periodically and destroy both paper and old data carriers confidentially. A few collections a year, a locked bin and a folder of certificates: not much more is needed. With a certificate you keep demonstrable control over your clients' privacy.


Ready to clear out your practice archive? Request a quote via desnipperaar.nl or see how to have paper shredded. Within 5 minutes you have a fixed price.