Issue - items at meetings - GDPR Update
Issue - meetings
GDPR Update
Meeting: 01/07/2020 - Governance Committee (Item 17)
To receive and consider the report of the Director of Governance.
Minutes:
Chris Moister, Director of Governance, presented the report which updates Members on the period following implementation of the General Data Protection Regulations.
The Council implemented the obligations under the GDPR in May 2018. All relevant training, policies and procedures were prepared and in place.
In addition, a significant data audit and cleansing exercise was undertaken in order to minimise risk to the Council held data.
Due to recent organisational changes the centrally held list of Data Controllers is being reviewed to ensure it is up to date and correct.
The council have reviewed how Freedom of Information and Data Protection Act requests are being received and dealt with. A new post has been established with specific responsibility for co-ordinating and formulating responses to the requests. Training has been provided to the post holder to ensure the Council continue to comply with our obligations.
Five data breaches were identified in 2019. None of the data breaches concerned sensitive data and none were deemed sufficiently serious to report to the Information Commissioners Office. The breaches related to staff error and use of data held which was incorrect.
Members noted that the breaches had been identified by the council and not by a third party.
Decision: That the content of the report be noted.
Meeting: 18/03/2020 - Governance Committee (Item 6.)
To receive and consider the report of the Director of Governance.