'Clear room for improvement' for data protection in local authorities, finds ICO

By Danny Palmer
27 Aug 2014 View Comments
Concept image representing data protection rules

There's "clear room for improvement" in how local authorities comply with the Data Protection Act, the Information Commissioner's Office (ICO) has said.

The ICO made the statement as it launched its report detailing audits of 16 local councils made last year, which saw none of the authorities involved given a high assurance rating when it comes to matters concerning data protection.

Further reading

Of the 16 councils audited, six were told they had "considerable room for improvement" while one was advised it needed to take "immediate action". The ICO hasn't divulged what ratings it gave to which councils.

The report includes a list of areas for improvement identified by the audits, notably improving training and ensuring effective data protection governance is in place. Good practice surrounding information security is also advised.

In total, the ICO has issued financial penalties totalling £2.3m to local authorities for data breaches and data protection issues. However, despite earlier this year describing Wolverhampton Council's approach to data protection as "startling", the ICO issued a warning instead of a fine.

"It's clear that there's room for improvement, and not just by the local authorities we visited: the areas for improvement we identified in those visits should prove helpful to many local authorities," said John-Pierre Lamb, ICO group manager in the good practice team.

"By learning from the mistakes of others, and indeed learning from the examples of good practice we found, local authorities will improve their compliance with the law, and be less likely to find the regulator knocking on their door," he continued, adding that the ICO understands authorities have budget constraints, but they must still ensure they comply with data protection.

"Our figures show that local authorities have much to do to improve data protection governance and training," said Lamb.

"We recognise that councils are having ‘to do more with less' due to ongoing budgetary pressures, but it is important to appreciate that the lack of effective governance structures and training programmes significantly increases the risk of serious breaches of the DPA," he said.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

21 %
50 %
13 %
16 %