The iSEEU blog is concerned with all aspects of secure data in motion including information governance, data breach, data protection and secure collaboration tools.
It has been reported that Christopher Graham, the Information Commissioner, has co-written a letter with Sir Bob Kerslake, head of the civil service. It has been sent to all English local authorities encouraging them to improve their data protection compliance and policies.
The letter was issued in the same week as the ICO issued a record fine to Midlothian Council - £140,000 for mis-sending sensitive documents on children and their carers on five occasions - and in the wake of a sequence of fines during 2011 for data breaches.
The letter is reported to be similar in tone to one issued last year to data protection officers in the health sector. The letter is likely to recommend the following measures for promoting data protection compliance:
Observance of published guidance for creating information governance policies,
Requiring staff to undertake information governance training,
Ensuring that a board-level individual is appointed to act as senior-level 'risk owner' responsible for data protection compliance, and
Continuous communication with staff to make them aware of information governance policies and guidelines.
The ICO has also requested that the Ministry of Justice give it power to carry out compulsory audits of public bodies. This seems a sensible measure and one that is likely to be granted.
If it is, it will surely increase the pressure on public bodies to find ways of enforcing data protection compliance given the ICO's stated aim of focusing on health and criminal justice in 2012.