Download presentation
Presentation is loading. Please wait.
Published byFrank Martin Modified over 6 years ago
1
Archives, Information Governance and Freedom of Information
Please sir, can I have some more information? ARA Scotland FOISA Core Training Glasgow, 13 February 2017 Archives, Information Governance and Freedom of Information Dr Kenneth Meechan, Head of Asset Governance, Glasgow City Council
2
Overview Archives and the context of the PR(S)A
Specific historical context of Glasgow GCC Information Governance landscape Legal and regulatory framework Drafting the RMP FOI – the sharp end of records management The historical child abuse inquiry EU General Data Protection Regulation
3
Public Records (S) Act PRSA gets pride of place because it should underpin all your information governance/information management activity Records Management Plan elements include information security and data protection policies (which includes how you manage and control releases under FOI) – so this should be the glue holding all your IG activity together If you don’t have an RMP – start working on it now! If you do have an RMP, Keeper now looking at how to monitor progress against improvement plans
4
The Glasgow context Former Strathclyde Regional Council ran Kerelaw School and Secure Unit – passed to GCC on local government reorganisation Many of the sorts of incidents investigated by Tom Shaw also happened at Kerelaw Kerelaw specifically mentioned in the Keeper’s report on records management GCC therefore committed at highest level to show that lessons have been learned and that we will not allow anything like this to happen again
5
Info Governance landscape
RMP development coincided with a revamp of asset management within GCC A Corporate Asset Management Plan was developed covering seven key asset classes, including information Each asset class has an (operational level) asset board reporting to a (tactical) advisory board, all reporting to the Strategic Asset Management Planning Board Also have a separate Info Security Board
6
Legal and Regulatory Framework
Legal and regulatory compliance Governance now embedded in language/ practices – with significant resources: Robust risk identification Transparency of process Clear accountability Managing accountability while ensuring security Can cause tensions and tie up resources Managing information done by us not to us This requires a suite of policies, guidance & training
7
Drafting the RMP Based very heavily on model RMP and the NRS’ own approved plan Large parts write themselves (assuming you have data protection, information security, business continuity etc. plans already) Having an in-flight EDRMS implementation helped Plan is an improvement model – we don’t have all the answers but we do have a journey to embark on Giving departments ownership has been key
8
FOI – life at the sharp end
FOI sits at the sharp end of IM Establishing the existence and location of information, retrieving it, assessing it for sensitivity, redacting if necessary and producing a compliant explanation for what you’ve done within 20 working days is challenging. Increased push for proactive publication – next version of the model publication scheme will include open data Ongoing push to improve the profile of the poor relation, the Environmental Information (Scotland) Regs 2004 Top Tip on EIRs: if you think for a moment that something might be covered by the EIRs, there is about a 99% chance that it is
9
Historical Child Abuse Inquiry
Suddenly old archives are big news Inquiry subject matter involves a lot of regional and pre-regional council archives social work and education files This is exactly the area Shaw found problems in locating material SRC archives – over 20 successor bodies, whose archive is it anyway?
10
Future developments: GDPR
Data protection is a European concept designed to facilitate the free movement of personal data across the EU Perception that the current Directive is not implemented in a uniform fashion across the EU, and seriously out of date in a Web 2.0 universe Political agreement at end of 2015 on a new General Data Protection Regulation (GDPR) Comes into force May 2018 – unaffected by Brexit The GDPR still allows a lot of national discretion and at this point there are few UK Government indicators as to how the discretionary elements might pan out
11
ANY QUESTIONS?
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.