The Society of IT Management (Socitm) has worked closely with the Local Government Association/ Welsh Local Government Association and central government on a new publication that shows councils the steps they need to be taking to keep safe and secure data collected from residents, businesses and other parties.
Local Government Data Handling Guidelines provides local authorities with an essential checklist of actions, highlights best practice in secure data handling, and sets the standard for local government around a topic that has been much in the news in recent months.
The guidelines set out fundamental steps that every council should take to lessen risks of personal information being lost or data protection systems failing, and include Socitm’s top 10 tips for data handling. They provide chief executives, senior managers and elected members with a vital aid in living up to their responsibilities and being accountable for proper handling of personal information.
The standards outlined in the guidelines are challenging, but necessary to build public confidence in the local government’s ability to protect personal data. The Society of Local Authority Chief Executives and Senior Mangers (SOLACE) and the Information Commissioner have both welcomed the publication.
Commenting on the guidance, Richard Steel, President of Socitm and CIO of the London Borough of Newham said:
“It's a long time since data security could be considered as something for just the IT department to worry about. It’s a concern that should run through the entire organisation. If local government is to meet the challenge of improving public trust it will be firstly by creating the right culture and secondly, by having the right policies and procedures in place to provide accountability and scrutiny.”
Jointly commenting on the guidance, Paul Coen, Chief Executive of the LGA and Steve Thomas, Chief Executive of the WLGA said:
“These new guidelines show how seriously local government takes the issue of secure data-handling, by ensuring standards in councils are equivalent to, or exceed, the best practice identified in these guidelines, the public can be reassured that all reasonable steps are taken to preserve and protect their information.
“A lot of excellent work has already been done but there is still more to do; the pace of technological development means councils always need to be aware of new risks and threats.”
Richard Thomas, Information Commissioner, said:
“I welcome these guidelines as a significant step towards ensuring the consistent, proportionate and secure use of personal information by government at all levels.
“They make an important contribution to the aim of the Information Commissioner’s Office, which is that all organisations should inspire trust by collecting and using personal information responsibly, securely and fairly.
“I believe that if councils effectively implement the steps set out in the guidelines, they will significantly reduce the risk of incidents and problems, and in doing so, help build the necessary public trust in the handling of personal information that recent and well publicized incidents can only have eroded.
In addition to working with the LGA on the data handling guidelines, Socitm is also advising and supporting DWP’s Government Connect programme that is implementing a variant of the Government Secure Intranet (GSI) to all local authorities in England and Wales. This will enable the secure transfer of local government data through government-controlled networks, avoiding situations where data is put at risk when devices like memory sticks, CDs and laptops are lost in transit.
Socitm will be working with the LGA/WLGA and IDeA to provide advice and guidance to local authorities in achieving compliance with the Data Handling Guidelines and the Government Connect Code of Connection. This programme will be funded by a £250k grant from Government Connect and additional resource from the LGA/WLGA and IDeA.
Further information about Socitm’s work in the area of information assurance can be found here: