Data Protection Officer

Caroline Smith made this Freedom of Information request to Aberdeen City Council

Automatic anti-spam measures are in place for this older request. Please let us know if a further response is expected or if you are having trouble responding.

Roedd y cais yn llwyddiannus.

Dear Aberdeen City Council,

1. Could you let me know?

a. What position in the Council is designated as Senior Information Risk Owner (SIRO)?
b. The name of your Data Protection Officer (DPO)?
c. Job title of the DPO, if not just DPO?
d. If the DPO also has other duties, approximately how much of their time is spent on DPO work?
e. If the DPO has other responsibilities, has a risk assessment been carried out to ensure that any potential conflicts of interest as identified in the GDPR and the guidance from the European Data Protection Board are managed? If so, has this been reviewed in light of the recent decision of the Belgium Data Protection Authority (28 April 2020): https://edpo.com/news/dpo-and-conflict-o...
f. The line manager of the DPO – i.e. the post that the post holder reports to. Is it the SIRO?
g. Who the DPO reports to in their role as DPO if that differs from the line manager? Is it the SIRO?
h. At what spinal point is the DPO paid?
i. Key relevant qualifications that the DPO and SIRO hold or relevant training completed.

2. And could you provide the relevant extract of the Council’s Organisational Chart that shows the DPO, the DPO’s line manager, the post holder that the DPO reports to, the SIRO and Chief Executive?

Yours faithfully,

Caroline Smith

Foi Enquiries, Aberdeen City Council

1 Atodiad

Dear Ms Smith,

 

Information enquiry reference FOI-20-0813.

 

Thank you for your recent request for information, which we received on 19
August 2020. 

 

The scheduled date for our response to your request for information is on
or before 16 September 2020.

 

While Aberdeen City Council are prioritising resources to support
vulnerable citizens and essential services, we remain committed to provide
responses to requests as soon as we can.

 

Please refer to [1]FOISA reviews & appeals and [2]Your Data for more
information about your rights under the Freedom of Information Scotland
Act (FOISA).

 

Please do not hesitate to contact us should you have any queries in the
meantime.

 

Yours sincerely,

 

[3]ACC_Crest_for Salomeh Kheyri Rad | Access to Information Officer
mac email
Aberdeen City Council | Access to Information Team |
Customer Feedback |Customer

Marischal College | Business Hub 6 | 1^st Floor  | Broad
Street | Aberdeen | AB10 1AB

 

Dial: 01224 522166

[4]www.aberdeencity.gov.uk | Twitter: @AberdeenCC |
Facebook.com/AberdeenCC

 

 

IMPORTANT NOTICE: This e-mail (including any attachment to it) is
confidential, protected by copyright and may be privileged. The
information contained in it should be used for its intended purposes only.
If you receive this email in error, notify the sender by reply email,
delete the received email and do not make use of, disclose or copy it.
Whilst we take reasonable precautions to ensure that our emails are free
from viruses, we cannot be responsible for any viruses transmitted with
this email and recommend that you subject any incoming email to your own
virus checking procedures. Unless related to Council business, the
opinions expressed in this email are those of the sender and they do not
necessarily constitute those of Aberdeen City Council. Unless we expressly
say otherwise in this email or its attachments, neither this email nor its
attachments create, form part of or vary any contractual or unilateral
obligation. Aberdeen City Council's incoming and outgoing email is subject
to regular monitoring.

References

Visible links
1. https://www.aberdeencity.gov.uk/services...
2. https://www.aberdeencity.gov.uk/your-dat...
4. http://www.aberdeencity.gov.uk/

Foi Enquiries, Aberdeen City Council

1 Atodiad

Dear Ms Smith,

 

Thank you for your information request of 19 August 2020. Aberdeen City
Council (ACC) has completed the necessary search for the information
requested. Our response is now detailed below.

 

1. Could you let me know?

 

a. What position in the Council is designated as Senior Information Risk
Owner (SIRO)?

Chief Officer – Governance

 

b. The name of your Data Protection Officer (DPO)?

Helen Cannings

 

c. Job title of the DPO, if not just DPO?

Not applicable, the job title of the Council’s DPO is just Data Protection
Officer.

 

d. If the DPO also has other duties, approximately how much of their time
is spent on DPO work?

Not applicable.

 

e. If the DPO has other responsibilities, has a risk assessment been
carried out to ensure that any potential conflicts of interest as
identified in the GDPR and the guidance from the European Data Protection
Board are managed? If so, has this been reviewed in light of the recent
decision of the Belgium Data Protection Authority (28 April 2020):
https://edpo.com/news/dpo-and-conflict-o...

Not applicable.

 

f. The line manager of the DPO – i.e. the post that the post holder
reports to. Is it the SIRO?

The Data Protection Officer is currently line managed by the Chief Officer
– Data & Insight.

 

g. Who the DPO reports to in their role as DPO if that differs from the
line manager? Is it the SIRO?

The Data Protection Officer has a dotted line report to the Council’s
Chief Officer – Governance (and SIRO).

 

h. At what spinal point is the DPO paid?

The Council’s Data Protection Officer is role graded at G15 (£44,733 -
£51,121)

 

i. Key relevant qualifications that the DPO and SIRO hold or relevant
training completed.

Please find below an extract from the Data Protection Officer Job role
which lists the essential requirements for the role:

 

+--------------------------+
|Requirements of the Job   |
|--------------------------|
|The post holder needs to |
|hold as a minimum:  |
| |
|  |
| |
| o A degree qualification|
| in a relevant |
| discipline (law, |
| information management|
| or information |
| assurance) and |
| Postgraduate degree or|
| significant |
| demonstrable |
| experience.  |
| o A Practitioner |
| Qualification in Data |
| Protection or |
| demonstrable |
| equivalent |
| experience.  |
| |
|  |
+--------------------------+

 

Please find below an extract from the Chief Officer - Governance role
which lists the essential requirements for the role:

 

+------------------------------------------------------------------------+
|Requirements of the Job  |
|------------------------------------------------------------------------|
|The post holder needs to hold as a minimum: |
| |
|  |
| |
| o Admitted as a solicitor in Scotland and holding a Practising |
| Certificate from the Law Society of Scotland. |
| |
|  |
| |
| o Relevant degree or professional qualification. |
| |
|  |
| |
| o Evidence of Continuous Professional Development. |
| |
|  |
+------------------------------------------------------------------------+

 

2. And could you provide the relevant extract of the Council’s
Organisational Chart that shows the DPO, the DPO’s line manager, the post
holder that the DPO reports to, the SIRO and Chief Executive?

 

The Council does not currently hold an organisational chart which shows
this.

 

• The Data Protection Officer role currently reports to the Chief Officer
– Data & Insight, with a Dotted line report to the Chief Officer –
Governance.

• The Chief Officer – Data & Insight reports to the Director for Customer,
who reports to the Chief Executive.

• The Chief Officer Governance currently reports directly the Chief
Executive.

 

We are unable to provide you with information on relevant extract of the
Council’s Organisational Chart that shows the DPO, the DPO’s line manager,
the post holder that the DPO reports to, the SIRO and Chief Executive as
it is not held by ACC.  In order to comply with our obligations under the
terms of Section 17 of the FOISA, we hereby give notice that this
information is not held by us. 

 

We hope this helps with your request.

 

Yours sincerely,

 

Grant Webster

Access to Information Officer

 

INFORMATION ABOUT THE HANDLING OF YOUR REQUEST

 

We handled your request for information in accordance with the provisions
of the Freedom of Information (Scotland) Act 2002. Please refer to
[1]FOISA reviews & appeals and [2]Your Data for more information about
your rights under FOISA.

 

 

[3]ACC_Crest_for Grant Webster | Access to Information Officer
mac email
Aberdeen City Council | Access to Information Team |
Customer Feedback |Customer

Marischal College | Business Hub 6 | 1^st Floor  | Broad
Street | Aberdeen | AB10 1AB

 

Dial: 01224 522166

[4]www.aberdeencity.gov.uk | Twitter: @AberdeenCC |
Facebook.com/AberdeenCC

 

 

[5]COVID-19

COVID-19

COVID-19

 

IMPORTANT NOTICE: This e-mail (including any attachment to it) is
confidential, protected by copyright and may be privileged. The
information contained in it should be used for its intended purposes only.
If you receive this email in error, notify the sender by reply email,
delete the received email and do not make use of, disclose or copy it.
Whilst we take reasonable precautions to ensure that our emails are free
from viruses, we cannot be responsible for any viruses transmitted with
this email and recommend that you subject any incoming email to your own
virus checking procedures. Unless related to Council business, the
opinions expressed in this email are those of the sender and they do not
necessarily constitute those of Aberdeen City Council. Unless we expressly
say otherwise in this email or its attachments, neither this email nor its
attachments create, form part of or vary any contractual or unilateral
obligation. Aberdeen City Council's incoming and outgoing email is subject
to regular monitoring.

References

Visible links
1. https://www.aberdeencity.gov.uk/services...
2. https://www.aberdeencity.gov.uk/your-dat...
4. http://www.aberdeencity.gov.uk/
5. https://postimg.cc/kDxFrXny