Agenda item

The Information Governance and Data Protection Manager submitted a report that presented the newly drafted Access to Information Policy. He said that there were two recommendations, the first of which was asking Members to consider the draft policy and propose any amendments. Members were also being asked to recommend the policy, with any amendments, to Executive for adoption.

The Manager explained that the Council had conducted an information governance audit, as detailed at Appendix B to the report. The audit had recommended that all data protection and information governance policy to ensure these were updated and additional policies adopted.

Members were advised that the review had highlighted the need to introduce an Access to Information Policy, to enhance the Council’s commitment to best practice when complying with relevant access to information legislation. The Manager said that the Council had the appropriate access to information guidance available for staff and the public. He said that the policy would underpin this guidance and act as an overarching governing document.

The Manager provided an overview of the draft policy and summarised the key requirements the document would satisfy in terms of the lawful treatment of data under the UK GDPR and the 2018 Data Protection Act. He said that the policy sought to ensure that information that could be published was done so in line with the Council’s information scheme and the local government transparency code.

The meeting stood adjourned at 19:55 to allow Members and Officers who wished to do so to mark the reflection of one year since the first lockdown commenced in 2020. The meeting recommenced at 20:05. The Manager concluded by advising that the draft policy aimed to demonstrate further compliance with article 24(1) of the UK GDPR.

Councillor Hollebon asked about the charges under the access to information policy and the charge of £450 and whether the actual fee could be higher. The Manager said that the £450 was the standard fee under the regulations. He said that he would check, but for charges over £450, the fee was £25 per hour and the Council very rarely charged for access to information requests.

Councillor Goldspink thanked the Manager for the report into what was a sensible and comprehensive policy. She said that she was pleased to see that there was an information disclosure log. She expressed concern that the audit included as Appendix B was out of date and she was concerned that this audit had offered overall assurance in a limited way. She asked if this was the most up to date report as it indicated that the Council was at some risk. Councillor Goldspink requested that the Executive Member report back in June in terms of compliance with legislation.

The Manager said that this was the most recent report and he shared the Members’ concerns. He said that he had reviewed the various policies and privacy notices and he was satisfied that the Council was not currently at risk. He said that the Council was not fully compliant either and it was his aim to get the Council to a gold level of compliance.

The Head of Legal and Democratic Services said that he had spoken to the Shared Internal Audit Service (SIAS) in terms of when they would be providing an updated report. He said that he was confident that the next version of this report would present a very different picture.

Councillor Devonshire proposed and Councillor Symonds seconded, a motion that the draft Access to Information Policy be recommended to Executive for adoption and the Information Governance and Data Protection Manager incorporate any amendments to the policy suggested by Overview and Scrutiny Committee, in consultation with the Head of Legal and Democratic Services and the Executive Member for Corporate Services, prior to the presentation of the policy to Executive for adoption.

After being put to the meeting and a vote taken, this motion was declared CARRIED.

RESOLVED – that (A) the draft Access to Information Policy be recommended to Executive for adoption; and

(B)   the Information Governance and Data Protection Manager incorporate any amendments to the policy suggested by Overview and Scrutiny Committee, acting in consultation with the Head of Legal and Democratic Services and the Executive Member for Corporate Services, prior to presentation to Executive for adoption.