Public Engagement & Assurance Cabinet Member – Minutes – 16 March 2018

3 (3) INFORMATION GOVERNANCE FRAMEWORK – The Director: Governance and Partnerships submitted a report seeking approval for a series of updates to the councils Information Governance Policy Framework.

The council was required to undertake a regular review of its information governance policies in order to demonstrate legally compliant practice and maintain its current Level 2 status in the annual NHS Information Governance Self-Assessment.

A series of updates to specific information governance policies contained within the overarching framework were proposed to reflect changes in legislation and professional guidance.

The Information Governance Policy Framework comprised a series of specific policy and procedural schedules relating to the management and security of information and personal data. It set out how the council would comply with legal and best practice requirements governing information management. These requirements included the Data Protection Act and Freedom of Information Act.

Over the last year, further significant progress had been made in strengthening the council’s Information Governance arrangements. As part of this on-going development and improvement work, a series of changes were proposed to the over-arching Information Governance Policy Framework. The proposed changes to individual policies were summarised at Appendix A of the report.

The General Data Protection Regulation (GDPR) would replace the Data Protection Act on 25 May 2018. Some of the known requirements of GDPR had been included in the updated policy schedules but it was likely that a further review of the Framework would be required later in the year once further national guidance had been released.

Resolved – That the proposed changes to the Information Governance Policy Framework as detailed at Appendix A of the report be approved.