Transcription
Captions (FCC/SDH)
Transcript Editing & Proofreading
Translation (text/audio/images)
Subtitles
Video Description (AD)
A retention schedule tells your team what research files to keep, where to keep them, and when to dispose of them. For audio, transcripts, consent forms, and analysis files, the safest schedule is the one that matches your IRB approval, participant consent language, sponsor rules, and institutional policy.
Use the template below as a starting point, not as legal advice. Your final version should name each file type, its risk level, retention trigger, retention period, storage owner, disposal method, and proof of disposal.
Key takeaways
- Start with your IRB protocol, consent form, data management plan, sponsor terms, and institutional record policy.
- Separate raw audio, identifiable transcripts, anonymized transcripts, consent forms, and analysis files because they carry different risks.
- Keep raw audio only as long as you need it for transcription, quality checks, verification, or approved reanalysis.
- Document every disposal action with date, file category, method, approver, and staff member.
- Do not promise participants one retention period while your grant, journal, IRB, or university requires another.
Why a retention schedule matters for research files
Research teams often collect more data than they need for final analysis. Audio files, video files, transcripts, consent forms, notes, and codebooks can all contain names, voices, locations, health details, job titles, or other identifiers.
A clear retention schedule helps you reduce risk without losing records you still need. It also helps new staff understand what they can delete, what they must keep, and who can approve each action.
Audio and transcripts deserve special care because they can reveal identity in different ways. A voice may identify a participant even when the transcript removes names, and a transcript can still identify someone through context.
Consent forms also need careful handling because they link a real person to a study. Many teams store consent forms apart from research data so fewer people can connect names with responses.
Your schedule should answer six simple questions for every file type:
- What is the file?
- Does it contain direct or indirect identifiers?
- Why do we need to keep it?
- When does the retention clock start?
- Who can approve disposal?
- How will we prove we followed the schedule?
For regulated or human-subjects research, do not set these answers in isolation. The U.S. Office for Human Research Protections describes IRB recordkeeping rules under 45 CFR 46, and your institution may add stricter rules.
Retention schedule template for audio, transcripts, and consent forms
The table below gives you a practical structure. Replace the example periods with the terms approved by your IRB, institution, sponsor, funder, journal, or legal team.
Research file retention template
- Project name: [Insert study title]
- Protocol or IRB number: [Insert number]
- Principal investigator: [Insert name]
- Data steward: [Insert role or name]
- Schedule approval date: [Insert date]
- Next review date: [Insert date]
| File category | Examples | Identifier risk | Retention trigger | Typical schedule to customize | Storage and access | Disposal method |
|---|---|---|---|---|---|---|
| Raw audio or video | Interview recordings, focus group audio, screen recordings, field recordings | High, because voice, image, and context can identify people | After transcript quality check, participant review, or analysis verification | Delete as early as the approved protocol allows, unless needed for audit, reanalysis, or sponsor terms | Encrypted storage with access limited to approved staff | Secure deletion from active storage, backups, and local devices where possible |
| Identifiable transcript | Transcripts with names, places, organizations, timestamps, speaker labels, or case IDs | High to medium, depending on content and coding keys | After final coding, validation, or replacement with anonymized version | Keep only while identifiers serve an approved research purpose | Restricted folder, controlled sharing, no personal email storage | Secure deletion or approved archive if required |
| Anonymized or de-identified transcript | Transcript with names removed, locations generalized, and case key separated or destroyed | Lower, but not zero, because context may still identify someone | After de-identification review and lock of final analysis dataset | May be kept longer if consent, IRB approval, and policy allow future use | Project repository, restricted shared drive, or approved archive | Delete at end of approved period or transfer to approved repository |
| Consent forms | Signed forms, e-consent records, waiver documentation, assent forms | High, because they link names to participation | Study closure, last participant contact, or final report date | Follow institutional and IRB minimums; do not shorten without approval | Separate secure location from research responses | Shred paper forms or securely delete electronic forms after the approved period |
| Analysis files | Codebooks, coded excerpts, memos, matrices, exports from analysis software | Varies, because quotes and notes may contain identifiers | After publication, final report, sponsor acceptance, or study closure | Keep the minimum needed to support findings, audit, or approved reuse | Approved project storage with role-based access | Delete, anonymize, or archive based on content and approval |
| Linking keys | Participant ID crosswalks, contact lists, recruitment logs | Very high, because they connect data to real people | After follow-up, compensation, member checking, or withdrawal window ends | Destroy as soon as the link is no longer approved or needed | Separate encrypted storage with very limited access | Secure deletion, with disposal logged separately |
If your team uses transcription vendors, add a vendor column to the template. Record who receives files, what they receive, when they return work, and when they must delete their copies.
Also note whether you used verbatim, clean verbatim, translated, or summarized transcripts. That choice can affect how long you need audio for quality review or dispute resolution.
How to align the schedule with IRB approvals and institutional policy
The retention schedule should not create new promises after the study starts. It should reflect the promises and limits that already appear in your approved materials.
1. Review the approved protocol
Start with the version that the IRB approved, not a draft on someone’s laptop. Look for sections on data storage, confidentiality, future use, sharing, withdrawal, and destruction.
Copy key terms into your schedule in plain language. If the protocol says recordings will be deleted after transcription, your schedule should not keep them for future training or reuse unless you obtain approval.
2. Check the consent language
Participants may have agreed to one use but not another. For example, they may allow interview analysis for the current study but not data sharing with other researchers.
Look for wording about recordings, quotes, future research, data repositories, commercial use, and withdrawal. If the consent form promises deletion after a certain step, treat that promise as a hard limit unless your IRB approves a change.
3. Compare with institutional policy
Your university, hospital, agency, or company may have its own rules for research records. These rules may cover minimum retention periods, secure storage, cloud tools, offboarding, and litigation holds.
When rules conflict, ask your compliance office, records office, legal team, or IRB administrator which rule controls. Do not solve conflicts by choosing the shortest period.
4. Add sponsor, funder, and publication needs
Some funded projects include data sharing, audit, or recordkeeping terms. Journals may also ask authors to preserve data that supports published findings.
These needs do not override participant consent or IRB limits by default. If a sponsor expects data sharing, the consent and IRB application should support that plan before data collection begins.
5. Record amendments and exceptions
If your team changes a retention period, storage tool, vendor, or reuse plan, record the change. Many changes need IRB review before you act.
Keep a version history for the schedule. Include who approved the change, when it took effect, and which files it covers.
Practical steps to build and maintain your retention schedule
A retention schedule works best when the team can follow it during normal work. Do not build a complex chart that only one person understands.
Step 1: Create a file inventory
List every place where files live. Include recorders, phones, laptops, cloud drives, transcription platforms, email attachments, shared folders, analysis software, and backup locations.
For each location, note the file owner and access level. This helps you find hidden copies before disposal.
Step 2: Classify files by sensitivity
Use simple labels such as high, medium, and low sensitivity. Raw audio, signed consent forms, and linking keys usually need the strictest controls.
Do not assume a transcript is low risk just because you removed names. Rare roles, events, locations, and quotes can still identify people.
Step 3: Set retention triggers
A trigger is the event that starts the retention clock. Better triggers include “transcript verified,” “member checking complete,” “study closed,” “final report accepted,” or “withdrawal period ended.”
Avoid vague triggers such as “when no longer needed.” Vague wording leads to inconsistent decisions and makes audits harder.
Step 4: Define the approved disposal method
Different formats need different disposal methods. Paper forms may need shredding, while electronic records may need secure deletion from approved storage and removal from sync folders.
For media sanitization decisions, many organizations use guidance such as NIST Special Publication 800-88. Your institution may already have a standard method, so use that first.
Step 5: Assign roles
Name the person who reviews retention dates, the person who approves deletion, and the person who performs deletion. In small teams, one person may hold more than one role, but the approval path should still be clear.
Also define what happens when a student, contractor, or staff member leaves. Offboarding should include file return, access removal, and confirmation that local copies are gone.
Step 6: Review the schedule at set points
Review the schedule at study start, after data collection ends, before analysis begins, at study closure, and before archiving. A short review can catch old audio files or duplicate consent scans before they spread.
Keep the review notes with the study records. These notes show that the team actively managed retention instead of relying on memory.
Disposal checklist and audit trail documentation
Disposal should be planned, approved, and recorded. A careful audit trail protects participants and helps the team answer later questions about what happened to the data.
Pre-disposal checklist
- Confirm the current IRB-approved protocol and consent terms.
- Check institutional, sponsor, funder, and legal hold requirements.
- Confirm that the retention trigger has occurred.
- Confirm that no pending analysis, correction, appeal, or participant withdrawal issue needs the file.
- Identify all copies, including local downloads, sync folders, backups, vendor portals, and email attachments.
- Confirm whether the file has been replaced by an anonymized version.
- Get written approval from the named approver.
Disposal action checklist
- Delete files from approved active storage.
- Remove local copies from computers, recorders, phones, and external drives.
- Delete unneeded exports from transcription or analysis tools.
- Ask vendors or collaborators to confirm deletion when their copy falls under the schedule.
- Shred paper forms using the institution’s approved process.
- Remove files from shared folders where access is no longer approved.
- Record any backups that will age out under normal backup cycles.
Audit trail documentation
Your audit trail does not need to expose participant content. It should prove that you followed the approved process.
Keep a disposal log with these fields:
- Project name and protocol number
- File category, not participant content
- File location or system name
- Date range or batch ID
- Retention trigger and trigger date
- Approval name, role, and approval date
- Disposal method
- Person who performed disposal
- Date completed
- Exceptions, delays, or files held back
- Vendor or collaborator deletion confirmation, if relevant
Use batch IDs when listing every file would reveal sensitive details. For example, “Interview audio batch A, participants 001–020” may work better than file names that include real names.
Example disposal log entry
- Project: Rural Caregiver Interview Study
- Protocol: IRB-2026-014
- Category: Raw audio
- Batch: Audio interviews 001–015
- Trigger: Transcript verification complete
- Approval: PI approval on 2026-09-12
- Method: Secure deletion from project drive and encrypted recorder
- Completed by: Research coordinator
- Completed date: 2026-09-13
- Exception: Interview 009 held for approved participant review until 2026-09-30
Common pitfalls and decision criteria
Most retention problems come from unclear promises, duplicate files, and late decisions. A simple decision rule can prevent many of them.
Pitfall: Keeping raw audio “just in case”
Raw audio can be useful for transcript review, tone, and quote verification. It can also carry high identity risk because the participant’s voice remains present.
Ask whether you still need the audio for an approved purpose. If the answer is no, follow the approved deletion plan.
Pitfall: Treating anonymized transcripts as risk-free
Anonymization lowers risk, but it may not remove all risk. A job title, small town, rare illness, or unique event can still point to one person.
Build a de-identification review into your workflow. If you need accurate transcripts before that step, consider a quality review or transcription proofreading process before you remove identifiers.
Pitfall: Forgetting vendor copies
If an outside service helps with transcription, translation, analysis, or storage, your schedule should cover those copies. Ask how files move, who can access them, and when deletion happens.
Keep vendor deletion confirmations with your audit trail if your policy requires them. Do not rely on informal chat messages as your only proof.
Pitfall: Mixing consent forms with interview data
Consent forms often contain names, signatures, contact details, and dates. When you store them with transcripts, more people can link a person to their responses.
Store consent records separately when possible. Limit access to the staff who need to manage consent, withdrawal, or audit duties.
Decision criteria for each category
- Need: Does the file still support an approved study task?
- Promise: What did the consent form tell participants?
- Rule: What do the IRB, institution, sponsor, or law require?
- Risk: Could this file identify or harm a participant if exposed?
- Replacement: Is there a less sensitive version that serves the same purpose?
- Proof: Can you document the decision and action?
If you cannot answer these questions, pause before deleting or keeping the file. Ask the PI, IRB office, records manager, or legal team for guidance.
Common questions
How long should I keep interview audio after transcription?
Keep it only for the period approved in your protocol, consent form, and institutional policy. Many teams plan to delete audio after transcription, quality checks, and any approved participant review, but your study rules control the final answer.
Can I keep anonymized transcripts longer than identifiable transcripts?
Often, yes, if your IRB approval, consent language, and institutional policy allow it. You should still review the transcript for indirect identifiers before treating it as low risk.
Should consent forms follow the same schedule as transcripts?
Not always. Consent forms may have different retention rules because they document participation and link identity to the study.
What if the consent form and institutional policy say different things?
Do not guess or choose the easier rule. Ask your IRB office, records office, compliance team, or legal counsel how to resolve the conflict.
Do I need to delete files from backups?
Follow your institution’s backup and records policy. Some systems remove deleted files when backups expire, while other cases may require special handling.
What should I document if I delete a batch of files?
Record the file category, batch ID, location, trigger, approval, method, date, and person who completed the action. Avoid listing sensitive content in the log unless your policy requires it.
Can I use transcripts for a future study?
Only if the original consent, IRB approval, and institutional policy allow that future use. If they do not, you may need a new approval, new consent, or a different dataset.
Final thoughts
A strong retention schedule is simple, specific, and tied to the promises made to participants. It separates high-risk files from lower-risk files and gives your team a clear path for review, storage, disposal, and audit trails.
If your schedule includes interviews, focus groups, or recorded research sessions, accurate transcripts can make review and de-identification easier to manage. GoTranscript provides the right solutions for teams that need reliable professional transcription services as part of a careful research data workflow.
