- What is the purpose of Information Security
Policy?
-
The purpose of the policy is to define our approach to
information, systems and communications security. This policy is
applicable to all permanent, contract and temporary personnel, and
to all third parties who have access to Newham systems and
information.
- What are the objectives of the Information Security
Policy?
-
The principal objectives of this policy are:
• To protect Newham information assets from all threats, whether internal or external.
• To ensure that all Newham personnel are fully aware of the requirements of information security.
• To identify to all personnel their respective responsibilities in relation to the security of information.
• To ensure that all personnel are aware of the requirement for them to comply with all Information Security related legislation.
• To protect customer information and assets.
• To ensure that Newham meets, or exceeds, all aspects of security best practice.
- How are the Caldicott Standards observed by the council?
-
We:
1. Inform clients about the use of information concerning them (making arrangements for clients with special needs).
2. Develop a code of conduct on confidentiality, which is updated regularly.
3. Develop a staff induction procedure to ensure staff have a comprehensive awareness of the requirements of Caldicott.
4. Ensure there is ongoing assessment of staff training needs (including evaluation as part of our appraisal process).
5. Provide in-house training for all staff.
6. Ensure formal confidentiality contracts are made with contractors and support organisations.
7. Have regular reviews of information flows containing personally identifiable information.
8. Ensure ownership is established for all information/data. Owners need to justify this purpose and agree staff access with the Caldicott Guardian.
9. Develop safe haven procedures for all relevant information flows.
10. Review security policy annually (check staff awareness and comprehension).
11. Ensure there is staff awareness of who has responsibility for information security.
12. Ensure that an information risk management programme exists (outcomes, reports and recommendations are provided to senior management).
13. Ensure all security incidents are documented and accessible to staff.
14. Ensure that security monitoring is in place.
15. Ensure that password changes are enforced on a regular basis.
16. Ensure that all staff have defined access rights agreed by the Guardian.
- What are the benefits of Caldicott?
-
1. It breaks down barriers to partnership working.
2. Service users and the public will have more confidence in the Council (in the handling of personally identifiable information).
3. It will work towards a seamless service between the Council services and health partners.
- Who is the Caldicott Guardian?
-
The Head of Information Governance has the overall
responsibility of making sure everyone in the council understands
the Caldicott Standards and applies them.
- What is a record?
-
Recorded information, in any form, (manual, electronic and
technological e.g. audio or video tape) which is created by or
received and maintained by us is a record. This includes all
recorded information in respect of any transactions or function or
activity carried out by us ranging from individual casework,
research, decision making, internal management of the business and
policy strategy formulation. It includes all records of opinion as
well as fact whether maintained in any structural form or not (e.g.
letters/memos out and in, file notes, notes of opinion, typed or
handwritten documents, leaflets, posters, tapes of conversations/
messages, reports, spreadsheets, working documents, metadata and
rough drafts). It will also include voice recordings, contact
centre recordings, voice mail, answer phone messages, instant
messaging and text messages.
- What is not a record?
-
Unrecorded information, information which will be recorded in
the future but has not yet been, or information which was recorded
but has been destroyed where there is no other record available.
This includes conversations, minutes of meetings not yet produced
(but notes would be) and destroyed records (where all versions have
been destroyed permanently).
- Why is record management important?
-
Effective records management will help us to meet our aims and
legal requirements and help us access the information needed
speedily to do our jobs effectively.
- What is meant by re-use?
-
You must ask if you wish to re-use our information in a way
that, without permission, could breach our copyright.
- What are the Re-Use of Public Sector Information
Regulations?
-
• Set conditions for copyright, licensing and terms for re-use of public information
• The Re-use of Public Sector Information Regulations 2005 started 1st July 2005
• European Communities (EC) Directive
- What are the basics of the Re-use of Public Sector
Regulations?
-
We do not have to make information available for re-use under
the Public Sector Information Regulations. We have 20 working days
from the first working day after the request is received for a
response to a request for re-use. We may extend this period if the
request is complex. We can charge a licence fee if we do not wish
re-use of our information to be free. We have to make available our
conditions for the re-use of information and any applicable
charges. We must not discriminate between applicants making
requests for re-use for comparable purposes. We should make
information available for re-use electronically if possible.
- Who are included in the regulations?
-
The following are included:
• Minister of the Crown
• Government Departments
• Parliament
• Local Authorities
• Police
• National Health Service
• Fire Authority, etc
- What does it exclude?
-
It excludes the following:
• Public Service Broadcasters
• Educational and Research Establishments
• Cultural Establishments
• Information exempt under FOI or EIR
• Breach of Data Protection
• Someone else's copyright
• Outside Council's responsibility
- What do we have to do?
-
• We have to set conditions for re-use of information, which includes fees, if applicable.
• We need to prepare and maintain an information asset register and arrange access.
• Comply with copyright / licensing requirements.
- How do I make a request?
-
• The request has to be in writing and can be sent electronically, i.e. email.
• The request has to be legible.
• It must state the name of the applicant and an address for correspondence.
• It must specify the document requested.
The request is sent to: Information Governance, 2nd Floor, Broadway House, High Street, London E15 1AJ
- What information can be requested?
-
• Statistics
• Tourists information
• Geographical information
• Environment information
• Educational information
• Research
• Census data
• Official records
• Contractors information
• Leaflets and forms
• Anything that the Council
• Public Information we charge for
• Information we are asked for regularly
• Databases of businesses
- What are information protocols?
-
Information protocols are agreements that provide the following details:
1. The principles for information sharing
2. Relevant legislation, guidance and procedure, including the Data Protection Act and Caldicott
3. The conditions we need to meet if we are sharing information
4. How we ask service users for consent to share information.