CILIP responds to ICO Information Governance Report

Bluecoat photo: Data Protection

CILIP has responded to the latest findings from the Information Commissioner’s Office (ICO) annual Information Governance Survey by offering to work with Local Authorities to improve their ability to manage information effectively.

The survey, which looks at the overall readiness of Local Government to comply with the forthcoming General Data Protection Regulations (GDPR), found serious gaps in their information management capability:

  • 25% of Councils don’t have a Data Protection Officer – a key requirement from June 2018
  • Over 15% have no employee Data Protection training as required under GDPR
  • 33% don’t currently do privacy impact assessments on their work

Speaking about the ICO report, CILIP Chair Karen McFarlane commented, “Local Authorities are complex information-handling organisations. Because they are dealing with sensitive personal information, they need to ensure that they lead the way in compliance with regulations on data and information. The ICO Survey raises some serious concerns – only 17% of Councils have an Information Asset Register, for example, which is an essential first step in compliance.

As the Chartered Institute for Information Professionals, CILIP is in a unique position to work with Local Government to improve knowledge and skills in information management and help ensure Council leaders and staff are ready for the challenges ahead. We will be looking to engage the Local Government Association to ensure that they have access to the training and personnel they need both in the run-up to the new GDPR and thereafter.”

CILIP works with a wide range of employer groups to improve their ‘information readiness’, encouraging them to recognise the role of information professionals in managing risk, improving compliance and improving delivery.

If Councils do not respond rapidly by improving their information management skills and capacity, they risk heavy fines under the new legislation.


Photo: 'Data Protection' by Original cropped and resized. Attribution-ShareAlike 2.0 Generic (CC BY-SA 2.0)