Agenda item

To consider a report on requests for information received by the Council under the Freedom of Information and Environmental Information Regulations Acts and to highlight any issues encountered and actions to be taken to improve performance – “TO FOLLOW”.

With the aid of a report prepared by the Information Governance Manager & Data Protection Officer (a copy of which is appended in the Minute Book) the Committee received the annual report on the Council’s compliance with the Freedom of Information (FOI) Act 2000 and Environmental Information Regulations 2004 and the UK General Data Protection Regulation Act 2018. Information was also received on the Council’s performance with regards to protecting personal data over the period January to December 2021.

Following an introduction by the Deputy Data Protection Officer, the Committee’s attention was drawn to the work undertaken by the Information Governance Team in respect of data protection compliance. The Committee noted the progress of the improvement areas identified in paragraph 5.2 of the report which would be included in the Information Governance Team’s forward plan for 2022/23 and noted the reasons why limited progress had been made with the previous plan as outlined in paragraph 5.3 of the report.

The Deputy Data Protection Officer then went on to report there had been a drop in the number of FOI requests received by the Council when compared to the previous year at 460 and 534 respectively, which represented a 14% decrease. The Council worked to a target of 90% response compliance within 20 days, with performance levels being reported as 81% in 2021 which reflected an improvement to the previous year’s performance of 77%. Having had their attention drawn to the number of cases per service, it was noted that a majority of requests received related to services falling under the Chief Operating Officer’s remit and Community Services. Attention was then drawn to the number of requests by outcome where it was reported that 63% of cases had been concluded with all the relevant information required. Of the 460 cases, four internal reviews/complaints had been received and six had been referred to the Information Commissioner’s Office for further investigation. Over the reporting period there had been 25 Subject Access Requests and 1 Subject Access Related complaint. Finally, the Committee received details of personal data breaches where it was noted that 17 incidents had occurred within the reporting period.

Other matters that were discussed included the requirement for all staff and elected Members to complete Information Governance training, the reasons why there had been a lack of consistency in the role of the Data Protection Officer/Information Governance Manager in the last 5 years and the importance of ensuring sufficient information was available to members of the public as a means of preventing a high number of requests being received by the team. In terms of the former, it was reported that Member training would be picked up as part of the Council’s Member Induction and Training Programme. Members of the Committee placed on record their preference for this training to be completed as a face to face event. Having regard to the latter, the Managing Director reported that plans were underway to review the ease of navigation around the Council’s website and that some work should be undertaken to review the data relating to outcomes by case which were impacting upon the Information Governance Team’s time. Whereupon, it was

RESOLVED

that the contents of the report now submitted be noted.