Public rights of access to information Grisilda Ponniah, Corporate Information Governance Manager Mary Elliott, FOI Officer Legal & Democratic Services.

Slides:

Advertisements

Similar presentations

PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR

Advertisements

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.

Introduction to Information Governance (IG)

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Data Protection.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.

Data Protection & Freedom of Information The Practical Implications of Data Protection and Freedom of Information Caroline Dominey Data Protection Officer.

Data Protection and Records Management

Role of the Information Commissioner’s Office 'Promoting public access to official information and protecting your personal information' Christine Johnson.

Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.

National Smartcard Project Work Package 8 – Information Law Report.

Audiences NI Data Protection Workshop

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Overview

The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.

 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.

The Legal Framework Can you work out which slide each bullet point should go on?!

1 OVERVIEW PRESENTATION FREEDOM OF INFORMATION (SCOTLAND) ACT 2002.

Data Protection for Church of Scotland Congregations

The Information Commissioner’s Office David Evans.

Regulation of Personal Information Daniel Pettitt, Leon Sewell and Matthew Pallot.

NHS England & Customer Contact Centre FOI Introduction 2013.

Data Protection and You Your Rights & The Law Registration Basics Other Activities Disclaimer: This presentation only provides an introductory info. Please.

LexisNexis Confidential EU Privacy Framework Michael Lamb LexisNexis Risk Solutions Vice President and Lead Counsel: Regulatory, Privacy & Policy May 19,

Data Protection, Freedom of Information and Information/Records Management.

The Data Protection Act 1998 The Eight Principles.

Data Protection STFC Presentation to PPD Senior Staff 26/11/2009 FoI/DP team.

Data Protection Act AS Module Heathcote Ch. 12.

Data Protection Act & Freedom of Information Simon Mansell Corporate Governance and Information Team.

Local Government Reform: Incorporating Planning Functions Ken Macdonald Assistant Commissioner (Scotland & Northern Ireland) Information Commissioner’s.

Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.

The Data Protection Act - Confidentiality and Associated Problems.

The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;

Data Protection for Church of Scotland Congregations.

IM NETWORK MEETING 20 TH JULY, 2010 CONSULTATION WITH 3 RD PARTIES.

12/12/2015 Data Protection Act /12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal.

Introduction Data protection is relevant to every individual, business or organisation today, not just Local Government. As well as protecting privacy,

Data Protection - Rights & Responsibilities Information Commissioner’s Office Orkney Practice Forum 4 th July 2007.

Information Systems Unit 3.

An Introduction to the Privacy Act Privacy Act 1993 Promotes and protects individual privacy Is concerned with the privacy of information about people.

INFORMATION GOVERNANCE AND CONFIDENTIALITY Information Governance Facilitator.

DATA PROTECTION ACT (DPA). WHAT IS THE DATA PROTECTION ACT?  The Data Protection Act The Data Protection Act (DPA) gives individuals the right.

DATA PROTECTION ACT INTRODUCTION The Data Protection Act 1998 came into force on the 1 st March It is more far reaching than its predecessor,

GCSE ICT Data and you: The Data Protection Act. Loyalty cards Many companies use loyalty cards to encourage consumers to use their shops and services.

Corporate Information Governance Team Grisilda Ponniah, Corporate Information Governance Manager.

Session 11 Data protection. 1 Contents Part 1: Introduction Part 2: Applicability and responsibility Part 3: Our procedures on data protection Part 4:

Right of access to information Requests can come from anyone Statutory timescales to respond Network of service Information Access Officers Staff responsibility.

DATA PROTECTION AND RUNNING A COMPLIANT PUB WATCH SCHEME Nigel Connor Head of Legal –JD Wetherspoon PLC.

© University of Reading Lee Shailer 06 June 2016 Data Protection the basics.

Business Ethics and Social Responsibility GCSE Business and Communication Systems Business and Communication Systems.

Workshop Understanding your responsibilities under the Data Protection Act 1998 and the Freedom of Information Act 2000 Adele Rhodes Girling.

Data protection—training materials [Name and details of speaker]

Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.

Freedom of Information Act ‘What you need to know’ Corporate Information Governance Team Strategic Intelligence.

Clark Holt Limited (Co. No ), Hardwick House, Prospect Place, Swindon, SN1 3LJ Authorised and regulated by the Solicitors Regulation.

Data Protection and Freedom of Information. Objectives Describe the main points of the Data Protection Act 1998 and Freedom of Information Act 2000 Illustrate.

Introduction to Data Protection Plan »Brief Introduction to Data Protection  Example  Principles  P3, 4, 7  Sensitive Data  Conditions for Processing.

The Data Protection Act 1998

General Data Protection Regulation

The Data Protection Act 1998

Data Protection Legislation

EU Directive 95/46/EC (Paragraph 2) “Whereas data-processing systems are designed to serve man; whereas they must Respect their fundamental rights.

Data Protection & Freedom of Information- An Introduction

GENERAL DATA PROTECTION REGULATION (GDPR)

New Data Protection Legislation

G.D.P.R General Data Protection Regulations

Data Protection principles

Identify the laws and guidelines that affect day-to-day use of IT.

Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .

Legal and Ethical Issues

Presentation transcript:

Public rights of access to information Grisilda Ponniah, Corporate Information Governance Manager Mary Elliott, FOI Officer Legal & Democratic Services

Information & Governance Team

Contents Reminder of Legislation FOI/EIR Example of FOI (DP issues) Statistics DPA

Legislation o Freedom of Information Act 2000 –right of access to information held by a public body – respond within 20 working days. Code of practice on records management o Environmental Information Regulations 2004 –right of access to environmental information – respond within 20 working days (or 40 working days in certain cases) o Data Protection Act 1998 –right of access to your own personal information – respond within 40 calendar days o Other – o Local Government Act 1972 o Audit Commission Act 1998 – 20 working days window once a year to come in inspect and copy background documents (can include Contracts) to Accounts o Veolia Case (Waste Contract) 5 July 2010

Access under FOI/EIR

Transparency Agenda Dr Povey has stated the Council’s commitment to openness and transparency demonstrated by Introduction of webcasting Publishing of spend data over £5,000 Publishing of details of contracts over £50,000

o Confirm/deny if information is held o Respond and supply within legal timescales unless: Not held Vexatious/repeated Exceeds cost limit (18 hours work) (NB does not apply to environmental information) Exemption applies Our duties under FOI/EIR

Applying the FOI exemption for third party personal data: the Tribunal’s approach in House of Commons v IC & Leapman, Brooke and Thomas upheld in the High Court To comply with the DPA, a disclosure of personal data under the FOIA must: be fair and lawful; meet one of the conditions in Schedule 2 of the DPA; in the case of sensitive information (such as information about health or criminal activity) also meet one of the conditions in Schedule 3; and, take into account the reasonable expectations of the individual.

Relevant Schedule 2 Condition The Schedule 2 condition most likely to be relevant is that at paragraph 6: “The processing is necessary for the purposes of legitimate interests pursued by the data controller or by the third party or parties to whom the data are disclosed except where the processing is unwarranted in any particular case by reason of prejudice to the rights and freedoms or legitimate interests of the data subject”.

The Approach In considering the application of this condition to a disclosure under the FOIA, the Tribunal applied a three- stage test: Is there a legitimate public interest in disclosure? Is the disclosure necessary for that legitimate public interest? Is the disclosure nevertheless unwarranted because of an excessive or disproportionate adverse effect on the legitimate interests of the individual(s) concerned?

Volume of requests

How we dealt with Requests

Breakdown of Refusals

Who is asking for information

What are they asking about Most popular topics recently Potholes Information about deceased persons Other Senior manager pay and training Council Tax More unusual Meetings with Pagan Groups Complaints about ghosts Feng Shui training

Any Questions?

Access under DP Act (Subject Access Requests)

What is Personal Data? o“ Personal Data ” - any information relating to an identified or identifiable living individual (data subject) oAn identifiable person – a person who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity

Notification to ICO o ICO is regulator – requires notification o Various roles as an elected member: o member of the council - eg member of a committee – SCC notifies o representative of residents of your ward - eg dealing with complaints – SCC notifies o representative of a political party - particularly at election time – party notifies o Description of the processing activities is placed on a public register of notifications o You must comply with data protection principles - framework for the proper handling of personal information

8 Principles of ‘Good Information Handling’ 1. Fairly and lawfully processed 2. Processed for limited purposes 3. Adequate, relevant and not excessive 4. Accurate and up to date 5. Not kept for longer than is necessary 6. Processed in line with your rights 7. Secure 8. Not transferred to other countries without adequate protection

Points to remember o Ensure language used in any recorded information is appropriate as it could be made available on request o Date stamp all written requests for information as soon as received and pass non routine ones immediately to our team o It is a criminal offence to conceal, damage or destroy records after they have been requested o No exemption for embarrassment o You need to manage your records

Any Questions?

Contact Details External website – under F for Freedom of Information in the A- Z and D for Data Protection (online forms available to make requests) Room 134 County Hall Mary Elliott (Freedom of Information Officer) Grisilda Ponniah (Corporate Information Governance Manager)