Community Action Northumberland

  • NALC Home
  • CAN Home
  • Contact us
  • Forum
  • Accessibility
Home
About NALC
News
News History
NALC E-news
E-news Archive
Training
County Committee
Constitution
Member Councils
Minutes
Annual Reports
Quality Parish Councils
Quality Councils in Northumberland
How do we qualify
Contacts/Links
Links
Members Area
Create an Account
Agendas & Papers
Other Meetings
Latest Consultations
NALC Current Issues
Chairman's Page
Policies & Procedures
Data Protection and Local Councils

Background

This is to update a previous paper on the Data Protection position of local councils and councillors. The document change is related to the web links and new link to a self assessment question. See this link

Both Data Protection and Freedom of Information are now closely tied together, and while most councils have adopted the model document for Freedom of Information, the Information Commissioners Office suspects that many local councils or local councillors have neglected their obligations to register under the Data Protection Act.

Whether you are an individual or a local council, you need to determine if you are processing data about people or not. If you are, you may well need to register under Data Protection legislation.

Data Protection Act and Councils

If you hold and process information about anyone, you are legally obliged to protect that information. Under the Data Protection Act, you must:

  • only collect information that you need for a specific purpose;
  • keep it secure;
  • ensure it is relevant and up to date;
  • only hold as much as you need, and only for as long as you need it; and
  • allow the subject of the information to see it on request.

If any of this information is held on computer then the expectation is that the local council should be registered under the Data Protection Act. Obligations for all local authorities are detailed at:

http://www.ico.gov.uk/for_organisations/sector_guides/local_authority.aspx
 

There are some exceptionsfrom the need to register:

  • Safeguarding national security or for purely personal, family or household purposes;
  • Prevention or detection of crime, and for the assessment or collection of taxes as well as certain ‘regulatory activities’;
  • Section 31 of the Act gives exemption to certain journalistic, literary or artistic material;
  • Where personal data is processed for one or more of the following purposes only:
    • staff administration (including payroll);
    • advertising, marketing and public relations (of the council itself); or
    • accounts and records;
  • Disclosures required by law;
  • Where disclosure is necessary for the purpose of legal proceedings or for obtaining legal advice;
  • Legal professional privilege (i.e. confidentiality between client and professional legal adviser); and
  • Where the sole purpose of any processing is the maintenance of a public register (e.g. the register of members’ interests under the Code of Conduct);

Where no personal data is processed by computer.

Data Protection Act and Councillors

The information that prompted the question about this was originally directed to Northumberland County Councillors. The press release below refers.

Full copy here.

The relevant paragraph is:

“In determining whether they need to notify, councillors need to consider the role in which they are processing personal information. If doing so as a member of the council or as a representative of a major political party, councillors will not normally be required to notify with the ICO. However, when carrying out their role as a representative of the residents in a ward or an independent councillor who is not affiliated to any political party a councillor may need to notify.”

This need to notify is dependent on the councillor holding and processing data on identifiable individuals. The majority of local councillors do not hold or process data. There is a self assessment online question and answer webpage at: http://www.ico.gov.uk/notify/self/question1.html

More information on this can be found here

In reality, where holding and processing personal data about individuals in the course of  undertaking council business, elected members will be covered by the authority’s notification and have the same responsibilities with regard to data protection as any employee of the authority.

It is worthwhile reminding ourselves that it remains good practice that copies of all communications proper to the local council’s business is lodged with the clerk, even if it is compiled by a councillor on behalf of the council. This is especially important for Freedom of Information issues that may be directed to the council.

The revised NALC guidance on data protection can be found at:

http://www.nalc.gov.uk/Document/Download.aspx?uid=edd71a99-facc-4018-8567-c8745229e766

Registration

Should you require to register, then you can either call the Information Commissioners Office on 01625 545740 or log on to their website at http://www.ico.gov.uk/ . The registration fee is currently set at £35.
 
  • Privacy Policy
  • T&Cs

Website design by Marc Johnson & CITA