Information governance weaknesses identified in Edinburgh

Written by Colin Marrs on 12 October 2015 in News

City of Edinburgh Council has been told to improve its records management and data sharing following an assessment by the information watchdog.

The Information Commissioner’s Office gave the authority a “limited assurance” rating following a recent inspection.

It said that there is “considerable scope” to improve current arrangements to reduce the risk of compliance with the Data Protection Act.

The ICO report said: “We have made three limited assurance assessments in respect of each of records management, subject access requests and data sharing, where controls could be enhanced to address the issues…”

Related content

Edinburgh awards WAN contract
Cloud services - the shifting context

The council, it was discovered, has no information security manager or overarching policy – contrary to Local Public Services Data Handling Guidelines.

In addition, only 3,000 out of 18,000 stave have completed the mandatory Information Governance Foundation e-learning programme.

There is no record of the rationale for applying exemptions or withholding third part data in response to subject access requests, and the covalent register of data sharing agreements does not contain a dedicated field to record authorisation.

However, the ICO reported a number of positives, including the generation of monthly reports to identify files which have not been returned.

In addition, automatic emails are generated for subject access information deadlines, while services are required to produce and share draft sharing agreements.

Two months ago, the council signed a deal with supplier CGI combining a core contract with the ability to turn individual services on and off.

Share this page



Please login to post a comment or register for a free account.

Related Articles

Interview: CDDO chief Lee Devlin on the ‘move from being disruptive to collaborative’
23 May 2023

In the first of a series of exclusive interviews, the head of government’s ‘Digital HQ’ talks to PublicTechnology about the Central Digital and Data Office’s work to unlock £8bn...

WhatsApp and private email banned for government use at higher security tiers
13 April 2023

Officials are warned that, if they choose to use non-corporate channels, they must 'be prepared to defend your choices'

Ex-intelligence chief ‘appalled’ at ministers’ use of private messages
1 June 2023

Former GCHQ and Home Office leader David Omand expresses disapproval of use of WhatsApp and other platforms for government business

NHS app: Local bodies required to offer patients choice of treatment providers
31 May 2023

Citizens will be presented with details of five or more hospitals or other options

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...