Issue - meetings

The Head of Information, Customer and Parking Services submitted a report updating Members on the management of Data Protection and Information Security and which asked Members to support adopting governance arrangements for Data Protection. 

The Head of Information, Customer and Parking Services explained the potentially serious implications for the Council and individuals in relation to breaches of data compliance, the detail of which was set out in the report now submitted and supporting Essential Reference Papers.  He drew attention to Members’ role in relation to managing data protection requirements, especially when working on constituency case work and the details of individuals. 

The Head of Information, Customer and Parking Services explained that the Council had been strongly recommended to revise guidance in relation to Data Protection, so that Heads of Service were informed of the impact of the Data Protection Act, aligning this to Council’s existing arrangements for managing and monitoring risk.  In order to facilitate this, Corporate Management Team had agreed to the establishment of a one year post of Data Protection Compliance Officer.

In response to a query from Councillor J Wing regarding the need for a full time Officer, the Head of Information, Customer and Parking Services explained the rationale behind the need for such a post.  By way of example, Councillor J Ranger explained how the involvement of many agencies, some external, came into play in trying to resolve a resident’s issue and of the data protection implications of sharing such information.  The Chief Executive and Director of Customer and Community Services explained that it was crucial to embed data protection into the working culture so that each service took ownership of the information they held and processed.  He explained what difficulties might occur and what personal penalties would be incurred, should personal and sensitive information be lost on unencrypted laptops.  All Members who had not already done so were urged to ensure their laptops were encrypted as a matter of urgency.

Members noted the Council’s Data Protection Action Plan and supported adopting governance arrangements for Data Protection including the role for this Committee and the training that Members would receive to undertake this role.  Members also recommended that the Executive be requested to ensure that strong action be taken to ensure that all the Council’s computers were encrypted.

RESOLVED – that (A) the Council’s Data Protection Action Plan as now detailed, be supported;

(B)       governance arrangements for Data Protection and monitoring the Data Protection Action Plan be supported; and

(C)   the Executive be asked to ensure that strong action be taken to ensure that all the Council’s computers were encrypted.