Issue - meetings

Annual review of the councils Information Access and Information Governance requirements 2021/22

Meeting: 21/11/2022 - Audit and Governance Committee (Item 56)

56 Annual review of the council's Information Access and Information Governance requirements 2021/22 pdf icon PDF 311 KB

To inform the committee of performance in the areas of complaints, data incidents and requests for information made to the council over the municipal year 2021/22.


[Note: there was an adjournment for a few minutes due to a technical issue]


The committee considered a report on performance in the areas of complaints, data incidents and requests for information made to the council over the municipal year 2021/22.


The Complaints and Children’s Rights Manager introduced the report and read out a statement from the Head of Information Compliance and Equality, the key points included:


i.             There had been a slight increase in Freedom of Information Act (FOI) and Environmental Information Regulations (EIR) requests compared to the previous municipal year, following an expected fall during the Covid-19 pandemic.   Nevertheless, the local target of 95% of requests being answered within the statutory time limit was being met; this exceeded the Information Commissioner’s Office (ICO) threshold of 90%.


ii.            3 cases were referred to the ICO and the ICO upheld the decision of the council in each case.


iii.          The Information Governance Team continued to work with service areas to address issues and to publish as much data as possible; within the last 6 months, a disclosure log had been published to support the transparency agenda.


iv.          During the municipal year 2021/22, 204 requests were processed where individuals asked for personal data about themselves, representing a significant increase from the previous year, with most requests being for data held by the Children and Young People Directorate.


v.           The team had received 176 reports of data incidents during the municipal year 2021/22.  Of these, 3 had met the threshold for reporting to the ICO but no action was taken against the council.


vi.          It was considered that the figures reflected that there were sound processes in place for reporting data incidents, there was a high level of awareness about data protection, and there was an open culture around reporting problems.


The principal matters raised during the discussion included:


1.           With attention drawn to paragraphs 20 and 21 of the report (agenda page 68), the Complaints and Children’s Rights Manager said that a response would be sought on the impact of: the mandatory data protection impact assessments for new programmes, projects or systems that involve processing of personal data; and the data protection officer service level agreement for self-funding schools.


2.           It was reported that, subject to two appointments, the team was expected to have a full complement of staff in the near future.


3.           There was a discussion about the wellbeing support available to staff.  It was noted that the Scrutiny Management Board on 28 November 2022 was to consider an item on ‘Herefordshire Council’s Human Resources and Workforce Strategy’ (link to the item).


4.           The Complaints and Children’s Rights Manager provided a brief overview of the operation of the Corporate Complaints Policy and Procedure, and of the separate Children’s Representations and Complaints Policy and Procedure.  It was reported that, following recent dialogue with the Corporate Director – Children and Young People, the intention was to process more complaints through the children’s policy and revisions were being considered by  ...  view the full minutes text for item 56