Steve
Spoken to our Audit Manager and she informs me that under the
"requirements that the organisation must undergo an external audit
anyway" that all the arrangements that this entails (i.e.
confidentiality, if there is a need to move off-site data sets
containing personal info etc etc) are already included at this high
level "audit agreement". So, a separate agreement just covering the
Info Governance stipulations are not needed here in TWC.
Hope this helps.
Many thanks
Trish
Trish-louise Bailey
Information Governance (IG)
(Data Protection & Privacy, Freedom of Information, Information
Security, Information Sharing & Confidentiality, Information Assurance,
Records & Information Management)
Telford & Wrekin Council
Civic Offices
Coach Central
Telford
TF3 4HD
www.telford.gov.uk
em: [log in to unmask] or [log in to unmask]
(Gov Connect - secure transmission)
tel: 01952 382537
mb: 07528 969455
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Cotterill, Steve
Sent: 14 April 2010 16:19
To: [log in to unmask]
Subject: External Auditors and Data Protection!!!
Dear all,
How do local authorities deal with the issue of Data protection and
external auditors (currently the Audit Commission)?
Auditors obviously look at a lot of data, some of it sensitive personal
data (this time they are checking out leisure memberships and the audit
trail regarding this). Are we right to rely on the fact that they can
quote a relevant 'statutory act' and we have to allow access?
How do you deal with the fact they might want to take 'personal data'
out of the office.
Whilst this is something we maybe should already have a process for,
does anyone have a guidance, advice regarding this?
I have rung the ICO helpline and unfortunately this time (perhaps
understandably) the advice was relatively generic such as asking what
information do you want, why do you want it and what powers can you have
it under?
Any comments greatly appreciated.
Regards
Steve
________________________________________________________________________
______________________________________________
Stephen Cotterill
Procurement & Technical Officer x3296
Broxtowe Borough Council
Resources Directorate
Council Offices, Foster Avenue,
Beeston, Nottingham, NG9 1AB
Tel: 0115 917 7777
Fax: 0115 917 3577
www.broxtowe.gov.uk <http://www.broxtowe.gov.uk/>
View our procurement page at: www.broxtowe.gov.uk/procurement
<http://www.broxtowe.gov.uk/procurement>
View our contracts notice board: www.sourcenottinghamshire.co.uk
<http://www.sourcenottinghamshire.co.uk/>
Internal Users only - View our Procurement Intranet page at:
http://intranet/index.aspx?articleid=2754
<http://intranet/index.aspx?articleid=2754>
DISCLAIMER:
This email and any attachments are confidential and intended solely for
the use of the individual to whom it is addressed. If you are not the
intended recipient be advised that you have received this email in error
and that any use, dissemination, forwarding, printing or copying of this
email is strictly prohibited.
If you have received this email in error please contact the IT Service
Desk at Broxtowe Borough Council on [log in to unmask] or
telephone 0115 917 3194.
Senders and recipients of email should be aware that, under current
legislation, the contents may be monitored and will be retained. The
contents of the email may have to be disclosed in response to a request.
This disclaimer confirms that this email message has been swept for the
presence of computer viruses.
________________________________
All archives of messages are stored permanently and are available to the
world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
Selected commands (the command has been filled in below in the body of
the email if you are receiving emails in HTML format):
* Leaving this list: send leave data-protection to
[log in to unmask]
<mailto:[log in to unmask]&BODY=LEAVE%20data-protection>
* Suspending emails from all JISCMail lists: send SET * NOMAIL to
[log in to unmask]
<mailto:[log in to unmask]&BODY=SET%20*%20NOMAIL>
* To receive emails from this list in text format: send SET
data-protection NOHTML to [log in to unmask]
<mailto:[log in to unmask]&BODY=SET%20data-protection%20NOHTML>
* To receive emails from this list in HTML format: send SET
data-protection HTML to [log in to unmask]
<mailto:[log in to unmask]&BODY=SET%20data-protection%20HTML>
All user commands can be found at
http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body
of an otherwise blank email to [log in to unmask]
Any queries about sending or receiving messages please send to the list
owner [log in to unmask]
(Please send all commands to [log in to unmask] not the list or the
moderators, and all requests for technical help to
[log in to unmask], the general office helpline)
________________________________
--------------------------------------------------------------------------------------------------------------------
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom
they are addressed. If you have received this email in error
please notify the originator of the message.
Any views expressed in this message are those of the individual
sender, except where the sender specifies and with authority,
states them to be the views of Telford & Wrekin Council.
The content of this email has been automatically checked in
conjunction with the relevant policies of Telford & Wrekin Council.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
