Data watchdog audits reveal room for improvement

Not one council out of 16 audited by the Information Commissioner’s Office reached the highest standard for compliance with data protection law, according to a new report.

The report, published by the ICO today, covered data audits carried out during 2013, and said there is “clear room for improvement” in how local authorities comply with the Data Protection Act.

It was accompanied by a list of areas for improvement identified through the audits, including training and ensuring effective data protection governance is in place.

John-Pierre Lamb, ICO group manager in the good practice team, said: “The types of breaches we’re seeing are fairly consistent, with personal information being disclosed in error and lost or stolen paperwork and hardware prevalent.

“Our figures show that local authorities have much to do to improve data protection governance and training. We recognise that councils are having ‘to do more with less’ due to ongoing budgetary pressures, but it is important to appreciate that the lack of effective governance structures and training programmes significantly increases the risk of serious breaches of the DPA.”

Out of 16 audits carried out during the year, nine councils received a “reasonable assurance” rating, six received “limited assurance” and one received “very limited assurance”, which resulted in a warning that immediate action was required.

During the period, none received an overall “high assurance” rating, although one did gain that rating for its training and awareness.

The ICO did not name the councils which were audited and information relating to audits from 2013 is no longer available on the watchdog’s website.

Its report highlights anonymous case studies giving councils a steer on good practice in the areas of data protection governance, records management, requests for personal data, security of personal data, training and awareness along with data sharing.

Lamb said: “It’s clear that there’s room for improvement, and not just by the local authorities we visited: the areas for improvement we identified in those visits should prove helpful to many local authorities.”

“By learning from the mistakes of others, and indeed learning from the examples of good practice we found, local authorities will improve their compliance with the law, and be less likely to find the regulator knocking on their door.”

Colin Marrs

Learn More →

Leave a Reply

Your email address will not be published. Required fields are marked *

Thank you! Your subscription has been confirmed. You'll hear from us soon.
Subscribe to our newsletter