Policies
Dear Kent Fire and Rescue Service,
) please can you send me a copy of the current subject access request
acknowledgment AND response letter that you use
2) a copy of the last 5 dpias completed
3) a copy of any internal mandatory information governance training that
you give to staff which was written in the last 2 years including
presentation slides and videos and any other media
4) a copy of any instructions given to staff members to reduce data
security breaches, for example double checking work
5) a copy of any policies implemented in the last 2 years within the
organisation to help reduce the environmental impact that the organisation
has?
6) please can I have a copy of the risk rating that you use to evaluate data security incidents?
Yours faithfully,
Paul knight
Dear Mr Knight,
Thank you for your request made under the Freedom of Information Act 2000. We will respond to your request within 20 working days (03/02/2020).
Privacy statement
Please be aware that in order to assist you and process your request, Kent and Medway Fire and Rescue Authority will need to collect and store some of your personal data. For further information about this please refer to our privacy statement and privacy notices.
https://www.kent.fire-uk.org/hidden/priv...
Kind regards
Tom
Tom Edwards GIFireE | Kent Fire & Rescue Service | T: 01622 692121 x6579 | Policy Officer | Business Intelligence | www.kent.fire-uk.org
Dear Mr Knight,
In response to your request made under the Freedom of Information Act 2000, I have answered each of your questions in turn.
1) please can you send me a copy of the current subject access request acknowledgment AND response letter that you use
A copy of the Subject Access Request Acknowledgment is included in the PDF file attached titled "SAR acknowledgement".
Response letters are individually written relating to the nature of the request therefore we do not hold a "standard" response.
2) a copy of the last 5 dpias completed
I have included redacted copies of the two DPIAs that have been completed by Kent Fire & Rescue Service (KFRS). They are attached named DPIA and DPIA 2. This is in line with the ICO guidance on publishing DPIAs.
3) a copy of any internal mandatory information governance training that you give to staff which was written in the last 2 years including presentation slides and videos and any other media
Information Governance Training was mandatory for all staff and was delivered at the end of 2018. This e-learning package was provided by Kent County Council (KCC) and the package is not owned by KFRS, therefore please direct any request regarding this package to KCC.
4) a copy of any instructions given to staff members to reduce data security breaches, for example double checking work
Please see attached PDF titled "Information Security and Data Protection". This is taken from material distributed to staff on the KFRS intranet.
5) a copy of any policies implemented in the last 2 years within the organisation to help reduce the environmental impact that the organisation has?
Environmental impact is covered by two publically available documents therefore this part of the request is refused under Section 21 of the Freedom of Information Act (information already reasonably accessible). These documents are available here: Customer and Corporate Plan https://www.kent.fire-uk.org/about-us/pl... and Asset Strategy https://www.kent.fire-uk.org/EasysiteWeb...
6) please can I have a copy of the risk rating that you use to evaluate data security incidents?
This is based on an assessment of the following points:
Whether there has been a breach of the organisation's policies, procedures and or processes
A breach of GDPR by the organisation
The volume of personal data lost
The sensitivity of the data lost, compromised and or unlawfully corrupted.
This assessment then informs the actions to be taken
If you are unhappy with the way we have handled your request, you may ask for an internal review. Information about our review process is available via the following link on our website.
http://www.kent.fire-uk.org/contact-us/f...
If you are not content with the outcome of the internal review, you have the right to apply directly to the Information Commissioner for a decision. The Information Commissioner can be contacted at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Kind regards
Tom
Tom Edwards GIFireE | Kent Fire & Rescue Service | T: 01622 692121 x6579 | Policy Officer | Business Intelligence | www.kent.fire-uk.org
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now