Decision details

Update on Information Governance

Find out more about this issue

Decision status: Recommendations Approved

Is Key decision?: No

Is subject to call in?: Yes

Decisions:

(Cabinet Member with Special Responsibility Councillor Blamire)

Cabinet received a report from the Chief Officer (Legal & Governance) which provided an update on progress towards embedding principles of Information Governance into the Council and meeting the 25^th May 2018 deadline for compliance with the General Data Protection Regulations 2018 (GDPR).

The options, options analysis, including risk assessment and officer preferred option, were set out in the report as follows:

	Option 1: Note the actions so far, approve the plan for the future and approve the budget for the work	Option 2: Not to approve the plan and for future work and/or not to approve the budget
Advantages	Will ensure that the Council is prepared for GDPR in May 2018. Also ensures a framework for good information governance for the future.	None
Disadvantages	If the budget is not approved, it will be difficult to complete the actions under the plan and/or carry out the necessary training.	As under option 1
Risks	Risks include: Future breaches of information security leading to the possibility of investigation by the ICO and sanctions including large fines. The Council is not compliant with the requirements of GDPR. Staff are not appropriately trained in the new requirements.	As under option 1

Councillor Blamire proposed, seconded by Councillor Leyshon:-

“That the recommendations, as set out in the report, be approved.”

Councillors then voted:-

Resolved unanimously:

(1) That progress to date be noted.

(2) That the governance structure appended at appendix 1 to the report, be approved.

(3) That the budget for the work to date and the budget for the anticipated work, as summarised in the report be approved, with the additional funding requirement of £83.1k being met from the Budget Support Reserve, to make the City Council fully compliant with the regulations.

Officers responsible for effecting the decision:

Chief Officer (Legal & Governance)

Chief Officer (Resources)

Reasons for making the decision:

The decision will ensure that the comprehensive action plan to address identified weaknesses in Information Governance will be completed. This will ensure that the Council is able to meet the requirements of GDPR and has a robust system in place to guard against any breaches of personal data.

Publication date: 08/12/2017

Date of decision: 05/12/2017

Decided at meeting: 05/12/2017 - Cabinet

Effective from: 16/12/2017

Accompanying Documents:

Cabinet Report re Information Governance 5 Dec 17 v2 PDF 413 KB