The Information Commissioner has written to local authority chief executives to emphasise the importance of good information governance in ensuring transparency, providing people with confidence that their personal information is being handled properly and in protecting the vulnerable. Subjects addressed in the letter include:
- The Information Commissioner's Office's powers to order organisations to pay up to £500,000 as a penalty for serious breaches of the data protection principles. The letter suggests that actions that all local authorities can and should take to reduce the likelihood of this happening include: identifying and training a Board level individual to act as the Senior Information Risk Owner; continuously making staff aware of the existing information governance policies and guidelines, and ensuring that all staff undertake regular and relevant information governance training. Three local authorities have recently been ordered to pay financial penalties for breaches of the data protection principles.
- The proposed transfer of responsibility for public health matters from the NHS to local authorities. The letter comments that this will include some information of a particularly personal nature, so it is vital that such information is handled in a sensitive and secure way.
- Transparency. The letter says that it is important for all local authorities to get into the practice of making information available proactively, as many already do. It also says that the free availability of non-personal information is the key to the success of the Government's localism agenda.
- The ability of the Information Commissioner's Office to carry out a data protection audit where invited to do so. The letter encourages any local authority that would find the service useful to take advantage of it.
The Information Commissioner's Office has also published a new plain English guide to Freedom of Information to help public authorities understand freedom of information legislation and how to apply it.