Decision details
Data Protection Act 1998 - New Policies
Decision status: Recommendations Approved
Is Key decision?: No
Is subject to call in?: No
Decisions:
All staff and Members of local authorities are obliged to comply with the Data Protection Act 1998 (the Act) which required individuals personal data we hold to be processed securely. Breaches of the Act can result in serious financial and reputational harm to both the Council and to those whose information we hold. The Information Commissioner had the power to issue penalties up to £0.5m in such cases. To effectively manage these risks, the Council had engaged a locum information governance lawyer to review the Council’s compliance with the Act. A key aspect of the ongoing work was to be ensure relevant policies exist and that these were current and effective in helping to manage business risk. These policies were presented for Members’ consideration and approval.
Cllr Mrs McKinlay MOVED and Cllr Kerslake SECONDED the recommendations within the report and following a discussion a vote taken on a show of hands it was
RESOLVED UNANIMOUSLY that
1. The proposed six policies appended to the report be approved by Members.
2. Delegated authority be granted to the Senior Information Risk Officer (currently the s151 Officer) acting in consultation with senior officers, the Chair of the Policy, Projects and Resources Committee and Monitoring Officer to make any minor adjustments or in respect of any changes in law as necessary.
Reason for recommendations
To assist in achieving effective compliance with the requirements of the Data Protection Act, so enabling the Council to keep related business risk to a minimum.
Report author: Gary Cordes
Publication date: 25/07/2017
Date of decision: 18/07/2017
Decided at meeting: 18/07/2017 - Policy, Projects and Resources Committee
Accompanying Documents:
- Data Protection Act 1998 - New Policies PDF 91 KB
- Appendix A - CLEAR DESK POLICY PDF 42 KB
- Appendix B - DATA PROTECTION POLICY PDF 71 KB
- Appendix C - INFORMATION SECURITY POLICY PDF 55 KB
- Appendix D - PRIVACY NOTICES POLICY PDF 58 KB
- Appendix E - PRIVACY IMPACT ASSESSMENTS POLICY PDF 47 KB
- Appendix F - CONSENT POLICY PDF 53 KB