Issue - meetings
Information Governance Report & the General Data Protection Regulation - Report by the Head of Legal and Democratic Services
Meeting: 26/09/2017 - Audit, Risk and Scrutiny Committee (Item 10)
10 Information Governance Report & the General Data Protection Regulation - CG/17/109 PDF 86 KB
Additional documents:
Decision:
(i) to note the information provided about the Council’s information governance performance at sections 3.1 to 3.6 of the report and in the Information Governance Report at Appendix 1;
(ii) to note the information about the General Data Protection Regulation (GDPR) and its anticipated impact on the Council at sections 3.7 to 3.11 of the report;
(iii) to note the Council’s GDPR readiness approach as part of the Council’s wider information assurance improvement plan at sections 3.2 to 3.14 of the report;
(iv) to request officers to submit a report to a future meeting of this Committee providing an update on the position with data governance standards as they are developed as part of the Transformation Programme; and
(v) to request Internal Audit to undertake a review of the processes in place for determining what information can be released to the public.
Minutes:
The Committee had before it a report by the Head of Legal and Democratic Services which presented (1) the annual report on the Council’s Information Governance Performance; and (2) information relating to the incoming General Data Protection Regulation and the Council’s readiness approach.
The report recommended:-
That the Committee -
(a) note the information provided about the Council’s information governance performance at sections 3.1 to 3.6 of the report and in the Information Governance Report at Appendix 1;
(b) note the information about the General Data Protection Regulation (GDPR) and its anticipated impact on the Council at sections 3.7 to 3.11 of the report; and
(c) note the Council’s GDPR readiness approach as part of the Council’s wider information assurance improvement plan at sections 3.2 to 3.14 of the report.
Councillor Lumsden sought guidance as to whether the Council had a system in place to track emails that were sent to and from all Council email accounts, wherein the Head of IT and Transformation advised that there was a mechanism in place and that there were records of all emails.
Councillor Duncan sought information relating to data governance standards and whether they would be reported back to this Committee, wherein the Information Manager advised that the Data Office had just been established and the standards would develop with the Transformation Programme.
The Convener made reference to a previous report which was redacted before issuing to the public and requested that Internal Audit review the processes in place for determining what information is released to the public.
The Committee resolved:-
(i) to request officers to submit a report to a future meeting of this Committee providing an update on the position with data governance standards as they are developed as part of the Transformation Programme;
(ii) to request Internal Audit to undertake a review of the processes in place for determining what information can be released to the public; and
(iii) to otherwise approve the recommendations contained within the report.