Issue - meetings

Report No:   CAB/SE/14/014

Cabinet Member: David Ray           Lead Officer: Joy Bowes

Summary and Reason for Recommendation

Compliance with the Data Protection Act (DPA) is monitored and enforced by the Information Commissioner’s Office (ICO).  The ICO has the power to impose fines of up to £500,000 for a serious breach of one or more of the data protection principles and where the breach is likely to cause substantial damage or distress.  This is in addition to any penalties imposed by the courts against individuals who unlawfully breach the DPA. ICO guidance therefore stresses that it is vital for all Council employees, Members and contractors to understand the importance of protecting personal data; that they are familiar with the organisation’s security policy; and that they put its security procedures into practice.

This joint policy, attached as Report No: CAB/SE/14/014, (based on that previously adopted by Forest Heath District Council) outlines the principles of the Data Protection Act 1998 and identifies how both Forest Heath District Council and St Edmundsbury Borough Council (jointly referred to as West Suffolk Councils throughout the policy) comply with the Data Protection Act. It aims to give guidance on how the requirements of the Act apply to the work of the Councils.

Recommendation

It is RECOMMENDED that, subject to the approval of full Council, the West Suffolk Data Protection Policy, provided as Report No. CAB/SE/14/014, be adopted.

RECOMMENDED TO COUNCIL:

That the West Suffolk Data Protection Policy, provided as Report No: CAB/SE/14/014, be adopted.

The Cabinet considered a narrative item, which sought approval for the West Suffolk Data Protection Policy, as attached as Report No: CAB/SE/14/014 (previously circulated).

Councillor Ray, Portfolio Holder for Resources and Performance drew relevant issues to the attention of the Cabinet, including that compliance with the Data Protection Act (DPA) was monitored and enforced by the Information Commissioner’s Office (ICO).  The ICO had the power to impose fines of up to £500,000 for a serious breach of one or more of the data protection principles and where the breach was likely to cause substantial damage or distress.  This was in addition to any penalties imposed by the courts against individuals who unlawfully breached the DPA. ICO guidance therefore stressed that it was vital for all Council employees, Members and contractors to understand the importance of protecting personal data; that they were familiar with the organisation’s security policy; and that they put its security procedures into practice.

The joint policy (based on that previously adopted by Forest Heath District Council) outlined the principles of the Data Protection Act 1998 and identified how both Forest Heath District Council and St Edmundsbury Borough Council (jointly referred to as West Suffolk Councils throughout the policy) complied with the Data Protection Act. It aimed to give guidance on how the requirements of the Act applied to the work of the Councils.

RECOMMENDED TO COUNCIL:

That the West Suffolk Data Protection Policy, provided as Report No: CAB/SE/14/014, be adopted.