ICO e-newsletter – January 2012

In this section


Top story

Corporate

Freedom of information

Data protection

Privacy and Electronic Communications Regulations

Top story

Too many consumers being denied access to their information, says ICO

Speaking on the eve of European Data Protection Day, the Information Commissioner, Christopher Graham said that complaints about mishandled subject access requests last year accounted for over a third (38%) of the ICO's total data protection casework. To help resolve this issue, the ICO has launched an awareness-raising campaign called Access Aware.

Access Aware is one of the first outcomes of the ICO's information rights priority work. Health bodies as well as banking and finance companies have been identified as the areas most needing to improve in relation to handling subject access requests.

Corporate

Information Rights Strategy launched

The ICO's final action of 2011 was to publish its new Information Rights Strategy. The strategy reflects the ICO's increasingly integrated work, and for the first time sets out the information rights outcomes the ICO is seeking to achieve. The strategy also confirms the ICO's priority areas as being: health, credit and finance, criminal justice, internet and mobile services, and information security.

To coincide with the launch of the strategy the Information Commissioner, Christopher Graham, published a blog post discussing the ICO's outlook for 2012.

Freedom of Information

Guide to Freedom of Information published

The ICO published its new Guide to Freedom of Information for public authorities on the ICO website on 30 January 2012. The Guide is not available as a hard copy but a printer friendly pdf version of the guide can be downloaded from the ICO website.

This is the first time that the ICO has published an overview that explains all the basic requirements of the Act in one place and follows on from the success of the ICO's 'Guide to Data Protection' which was launched two years ago. Both Guides are written in plain English and have been accredited by the Plain Language Commission.

This new guide will eventually act as a spine to which all the ICO's more detailed guidance on the Freedom of Information Act will be linked. We will be updating all of our more detailed guidance on the Act over the coming months. An equivalent Guide to the Environmental Information Regulations is also planned and further updates on this work will be provided in this e-newsletter.

Consultation on FOI publication schemes concludes

The ICO's consultation on the future of Freedom of Information Publication Schemes concluded on 21 December.

In total, 58 responses were received. The Commissioner would like to thank the authorities that participated in the consultation.

The ICO will now conduct an analysis of the formal responses, as well as reviewing respondents' comments gathered as part of the Tell Me More survey and the public focus groups held in December. An action plan will be published in March.

Data Protection Act

ICO undertakes joint action with the Data Supervisor for the Isle of Man

A care provider with offices in Northern Ireland and the Isle of Man has taken action to improve its data protection practices following joint action by the ICO and the Office of the Data Protection Supervisor (ODPS) for the Isle of Man.

Praxis Care Limited breached both the UK Data Protection Act and the Isle of Man Data Protection Act when an unencrypted memory stick was lost by an employee on the Isle of Man in August last year. The device contained the personal data of 53 residents in Northern Ireland as well as 107 people living on the island. The ruling is the first time the ICO has taken joint action with the ODPS.

NHS restructure highlights importance of good information governance practices

As the health service goes through one of the biggest restructures in recent times, the ICO is reminding providers of the importance of remaining vigilant when handling personal information.

Last year the ICO took enforcement action against a number of NHS organisations that failed to keep personal information secure. Many of these data breaches could have been avoided if the organisations had adequate data protection policies and up-to-date asset registers in place.

The National Information Governance Board (NIGB) has produced guidance to help organisations across the health service maintain good information governance practices during this period. The ICO's advice for health service organisations is also available on the ICO website.

During this transitional period it is vital that organisations ensure they are fulfilling their obligations under the Data Protection Act. This includes making sure mobile devices, such as laptops, are stored securely and encrypted where necessary. Once personal data is no longer required, organisations must also make sure it is securely destroyed.

Date set for ICO cloud computing seminar

The ICO will be holding a roundtable event on 27 February 2012 to discuss the data protection implications of cloud computing.

While the ICO was not able to accommodate everyone who expressed an interest, a broad range of organisations based on their size and sector will be represented.

The event - which will be held at the ICO's offices in Wilmslow - will also be attended by a number of cloud providers to give their views from a service provider perspective.

Feedback from the day, along with the results of our recent cloud computing survey, will be used to inform the ICO's future guidance on the cloud.

Privacy and Electronic Communications Regulations (PECR)

PECR monetary penalty guidance published

Following changes to the Privacy and Electronic Communications regulations, the Information Commissioner may now issue a monetary penalty notice for serious breaches of the 2003 Regulations.

The statutory guidance covering the ICO's powers to issue monetary penalties has been amended to incorporate these additional powers and was laid before Parliament on 30 January 2012. It is available on the ICO website.

Further information

For more information about the Information Commissioner's Office subscribe to our e-newsletter at www.ico.gov.uk. The ICO is also on Twitter, Facebook and LinkedIn.

A list of our latest job vacancies can also be found at: http://www.ico.jobs/.

You can unsubscribe from the ICO e-newsletter here.

Related items

FAQs

Read all our FAQs