Information Governance & Security
David Chilvers made this Freedom of Information request to Kent County Council
This request has been closed to new correspondence. Contact us if you think it should be reopened.
Dear Kent County Council,
1. List of positions within the council that as part of their role
either enforce or contribute to Information Governance (including,
but not limited to, Data Protection, Freedom of Information,
Environmental Information Regulations, IT Security etc).
2. Copies of minutes for your governance groups that have
responsibility for or contribute to Information Governance with a
copy of their Terms of Reference.
3. Copies of your current policies that reference or directly
govern Information Governance and/or Security
within the council.
Minutes, terms of reference and position structures should be kept
centrally as part of your Audit requirements. Policies should be
available via an intranet according to ICO practical guidance. If
you apply a section 12 exemption (cost or time limit) I recommend
this is highlighted to your audit department as a Governance and
Audit compliance risk.
Yours faithfully,
David Chilvers
Dear Mr Chilvers
Thank you for your email below.
Kent County Council acknowledges your request for information under the
Freedom of Information Act 2000. Assuming KCC holds this information, we
will endeavour to supply the data to you as soon as possible but no later
than 22 August 2012 (20 working days from date of receipt).
We will advise you as soon as possible if we do not hold this information
or if there are exemptions to be considered and/or any costs for providing
the information. Please quote our reference - FOI/12/1018 - in any
communication regarding this particular request.
Best regards
James Mercer
Information Access Officer
Information Resilience & Transparency Team
Business Strategy & Support, Governance & Law
Kent County Council, Room 2.71, Sessions House, County Road, Maidstone,
ME14 1XQ.
Telephone: 01622 221037, Internal: 7000 1037, Fax: 01622 696075
[1]http://www.kent.gov.uk/your_council/cont...
Dear Mr Chilvers
Thank you for your request for information.
1. List of positions within the council that as part of their role
either enforce or contribute to Information Governance including,
but not limited to, Data Protection, Freedom of Information,
Environmental Information Regulations, IT Security etc).
Kent County Council's Information Resilience & Transparency Team is the
KCC unit primarily responsible for the Council's compliance with
information governance. The Team's responsibilities include managing and
coordinating requests for information, KCC's Data Protection
registration and notification; maintenance of Freedom of Information
Publication Scheme & Asset Register; liaison with the Information
Commissioner's Office and provision of assistance, guidance and training
to officers and Members on all aspects of Information Governance such as
Records Management, and Information Security. The Team also maintains
the Information Security Incident Log and investigates alleged Data
Protection breaches in accordance with the Incident Protocol.
I have attached the team's structure which shows the various posts
within the Team.
The Director of Governance & Law, Geoff Wild, is KCC's Senior
Information Risk Owner:
http://www.kent.gov.uk/your_council/how_...
directors/governance_and_law.aspx
In addition KCC's ICT Department has two positions falling within the
scope of your request namely 'ICT Security and Service Manager' (New
Post 2012) and 'Information Systems Security Officer'
2. Copies of minutes for your governance groups that have responsibility
for or contribute to Information Governance with a copy of their
Terms of Reference.
I have attached the Terms of Reference for the Cross-directorate
Information Governance Group together with all meeting minutes since its
inception.
3. Copies of your current policies that reference or directly govern
Information Governance and/or Security within the council
I have attached copies of the following policies:
Information Security Policy
Information Security Incident Protocol
ICT Security Policy
Malicious Software Protection Policy
Electronic Communications Policy
Acceptable Use policy
Other policies are currently under review.
If you are unhappy with this response, and believe KCC has not complied
with legislation, please ask for a review by following our complaints
process; details can be found at this link
http://www.kent.gov.uk/your_council/have...
s/complaints_procedure.aspx on our website. Please quote reference
FOI/12/1018.
If you still remain dissatisfied following an internal review, you can
appeal to the Information Commissioner, who oversees compliance with the
Freedom of Information Act 2000. Details of what you need to do, should
you wish to pursue this course of action, are available from the
Information Commissioner's website
http://www.ico.gov.uk/complaints/freedom...
Best regards
Caroline Dodge
Team Leader, Information Resilience & Transparency Team, Business
Strategy & Support, Governance & Law Kent County Council, Room 2.71,
Sessions House, County Road, Maidstone, ME14 1XQ
Tel: 01622 221652, Internal 7000 1652,
Fax: 01622 696075
http://www.kent.gov.uk/your_council/cont...
x
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now
David Chilvers left an annotation ()
Apologies, to clarify point 2, I would like minutes dating back 2 years.