Policy paper GDPR in Local Government

Similar documents
Still Too Poor to Pay Council Tax Support in London /18 Update

Proposal for asset pooling in the LGPS 15 July 2016

London s Poverty Profile 2011

The Landline Tax and other unnecessary costs on London households and businesses using fixed line broadband services

Help to Buy: ISA (Issue 3)

Local Government Pension Scheme (England and Wales) Actuarial valuation as at 31 March 2013 Report on data used for experience analysis

HelptoBuy:ISA(Issue3)

HelptoBuy:ISA(Issue3)

What can cities learn from Labour Market Intelligence? Paul Bivand Lovedeep Vaid

FOCUSONLONDON 2011 POVERTY:THEHIDDENCITY

Data Management and Analysis Group. Child Poverty in London Income and Labour Market Indicators

Notes to help you fill in the Residential Support Scheme (RSS) application

Annual CIL Update 2015

LONDON RESIDENTIAL REVIEW BREXIT AND THE PRIME LONDON PROPERTY MARKET AUTUMN 2016

London labour market projections 2017

The Impact of Welfare Reform in Kingston

The Peabody Index. Tracking the financial experiences of London s social housing tenants. Scott Corfe

National Flood Risk Assessment Key facts. Environment Agency 1 NaFRA 2005 Key Facts

Household income distribution estimates: The example of Pay to Stay impacts in Local Authority areas in two English regions

What salary will a typical first-time buyer need in 2020?

A VISION FOR STARTING UP, NOT SHUTTING DOWN

STILL TOO POOR TO PAY

00: WOMEN SAVE 17% MORE IN PROPORTION TO THEIR EARNINGS

This is Havering LONDON BOROUGH OF HAVERING. A Demographic and Socio-economic Profile. Some Key Facts and Figures. Version 3.4 (March, 2018) HAVERING

London Borough of Southwark

INCOMEANDSPENDINGATHOME

DEVELOPING IN LONDON

Child poverty in Lewisham A briefing for London s councillors. Autumn 2018

Up to our neck in it. The debt crisis in London and the impact on London s free face-to-face debt advice services

Joint Negotiating Committee for Youth and Community Workers

Let s take a fresh approach to managing money

Unaudited consolidated summary. Financial report 2017/18

Skills for Health: Skills and Labour Market Intelligence Briefing for London, 2010

Profiting from Parking

Member of the European Commission in charge of the Internal Market and Taxation

London Borough of Lambeth

Travel and Subsistence Policy

Ipsos MORI Local. Ben Page PEOPLE, PERCEPTIONS AND PLACE. Chief Executive, Ipsos MORI

Page 2

Housing market. Forecasts

Regional Forecast and Analysis Greater London (example) Sample from June 2015 forecast

Bespoke services. Browse our menu of bespoke services to see how we can support your alternative investment fund with our expertise.

LOW INCOME LONDONERS AND WELFARE REFORM A DATA LED INVESTIGATION INTO THE CAUSES AND CONSEQUENCES OF POVERTY

Number of first-time buyers in 2014 at highest since 2007

DEVELOPING IN LONDON DELIVERING SUSTAINABLE GROWTH ANNUAL REPORT 2017

The Annual Audit Letter for London Borough of Richmond upon Thames

Age UK Waltham Forest Profile: Deprivation in Waltham Forest 08/01/2013

Proposal on the provision of magistrates and county court services in London

INFORMATION BROCHURE. Invest in a London property development 6.5% Six-Year Fixed-Rate Retail Bond

Reward and Recognition Policy for Co Production in Adult Social Care London Borough of Newham (LBN) and NHS Newham Clinical Commissioning Group (CCG)

RESIDENTIAL AND BUY TO LET PRODUCT GUIDE

Two Islingtons: Understanding the problem

Residential Quarterly Autumn 2018

Natural capital accounts for public green space in London OCTOBER

London Borough of Hackney

Department for Work and Pensions Ground Floor, Caxton House, Tothill Street, London SW1H 9NA. All Housing Benefit staff.

NIRS 2: Contract extension. REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 355 Session : 14 November 2001

UK in Version 1 Internal Use Only. Ben Page, Chief Executive, Ipsos

Subcontracting. Fees and Charges Policy

Managing the risks of legacy ICT to public service delivery

The New EU General Data Protection Regulation (GDPR)

Policy and Resources Committee 21 March 2017

The Annual Audit Letter for London Borough of Lewisham

RETIREMENT FUND TRUSTEE EDUCATION

London Borough of Lewisham

London Borough of Hackney

London s Poverty Profile

REDACTED - CENTRAL LONDON, WEST LONDON, HAMMERSMITH AND FULHAM, HOUNSLOW AND EALING CCG COLLABORATIVE

Responsible Investment in LGPS. Research and review of the pension fund s investment strategy statements (England and Wales) April 2019

A Minimum Income Standard for London

ALMO Board member remuneration survey 2010

Appendix 5. Capital Strategy. 1. Strategic Context

PROSPECTUS OF INQUIRY

Mortgages at their most affordable for a decade

October Estimate of the income and expenses of the offi ce of Auditor General for the year ending 31 March 2014

FOR CONSIDERATION BY The Executive on 29 September Keith Baker, Leader of Council and Pauline Jorgensen, Executive Member for Resident Services

Housing Committee 7 February Proposed monetary penalties for offences related to letting and property management agents.

Lending confidence. The Intricacies of SBA Lending: What You Need to Know

Intelligence Briefing English Indices of Deprivation 2010 A London perspective. June 2011

London Borough of Lewisham

From cradle to grave - EIOPA s dynamic approach to restoring consumer confidence in the sale of general insurance products.

Royal Borough of Greenwich

THE FCA PRACTITIONER PANEL S. Response to HM Treasury s Review of the Balance of Competences:

THE IMPACT OF DEMOGRAPHIC CHANGE ON PUBLIC SERVICES. Call for evidence

LOCAL AUTHORITY SOCIAL SERVICES LETTER. 10 December 2007

Resolution INVESTING IN YOUTH: FIVE CLEAR DEMANDS IN THE CRISIS

Household Interim Projections, 2011 to 2021, England

FREEDOM OF INFORMATION POLICY AND PUBLICATION SCHEME

Office of the Auditor General of Norway. Handbook for the Office of the Auditor General s Development Cooperation

Uncovering Supply Chain s Hidden Taxes

Paying for Crossrail 2. July 2018

Estimation of the National Car Ownership Model for Great Britain

The Ultimate Guide to Contracting

2. Approval of the minutes of the meeting of 22 January The minutes were approved, subject to one minor amendment.

Recommendations It is recommended that Policy & Resources Committee agree the following:

Aldridge Education. Freedom of Information Policy and Procedure

EBDOG. National School Delivery Cost Benchmarking Primary, Secondary & SEN Schools. February 2016

Annual report in brief

Distribution of Crossrail Benefits. 1 delivering a world-class, affordable railway

RWANDA S SINGLE PIU POLICY A NEW PUSH EXPERIENCES TO DATE WITH SPIUS IN RWANDA

Transcription:

Policy paper GDPR in Local Government

CONTENTS 1 Introduction and methodology Page 2 Analysis of Council Strategy Page 3-4 Recommendations and data Page 5 Conclusion Page 6

Introduction 2 The incoming General Data Protection Regulation (GDPR) will have a profound impact on the way local authorities store, manage and secure our personal data. With the enforcement data of 25 th May 2018 now fast approaching, organisations which fail to comply the GDPR will face heavy fines and severe public criticism. As facilitators of local services, from council tax to waste collection, councils hold significant volumes of personal public information, all of which must be properly secured in time for the deadline. These data sets include payment details, phone numbers, home addresses and email accounts. The principles and purpose behind the GDPR are sound. The EU wants to harmonise data protection laws across Europe, bringing in set standards that can hold irresponsible organisations to account and allow citizens to act against those who fail to manage their data securely. But with central and local government budgets still squeezed due to austerity policies, and front-line services in need of protection, how can local councils react and comply in time for the GDPR without putting public services at risk? To explore this issue, the research team at the Parliament Street think tank conducted a survey of all London Councils, asking them for detail on their allocated budget and resources to tackle GDPR. This report will shed new light on how our Councils are preparing to protect our data privacy, and debate whether the funds allocated are sufficient for complete compliance. We hope you enjoy this policy paper. The Parliament Street Research Team

Council Strategy 3 London s Councils are highly diverse, both in terms of population numbers and levels of prosperity. It is therefore difficult to compare GDPR budget allocations like-for-like. Our survey, conducted using the Freedom of Information (FOI) Act is designed simply to shed light on the different resources allocated per borough and to illustrate the specific preparations being made to comply with the GDPR. In total, from the 16 Councils which responded to our request, we estimate over 1.2million will be spent on preparation for the GDPR. The Borough with the highest allocation was Tower Hamlets, who told us they had set aside of budget of 300,000 allocated for GDPR compliance. They added that the cost of a dedicated project worker for 12 months on a salary of 49,514 per annum has been committed. In contrast, the lowest level of spending came from Hounslow, which told us they had already spent 1,000 on staff training and materials, with an additional 4,000 allocated to the project for the rest of the year. Other Councils with large budgets were the The London Borough of Redbridge, which estimated a total budget of 110,689 for GDPR, with an extra 15,000 allocated for management software. Tower Hamlets 300,000 Richmond & Wandsworth 142,110 Hackney 141,250 Redbridge 110,689 Islington 105,000 Newham and Havering 104,319 City of Westminster 90,000 Haringey 69,042 Ealing 59,862 Bexley 56,760 Sutton and Kingston 50,000 Hammersmith & Fulham 28,630 Hounslow 1,000 When it came to shared services, Newham and Havering Councils gave a collective response of 104,319 between them, which included a GDPR toolkit and a project manager. Sutton and Kingston allocated 50,000 between the two Councils. Meanwhile Richmond and Wandsworth declared 142,110.

4 The City of Westminster allocated a budget of up to 90,000. Bexley spent 1,760 on training and 55,000 on a dedicated salary with a further 53,000 allocated for the year ahead. Haringey has put aside 69,042. Ealing spent 24,004 on training and project management with a further 35,858 allocated for the year. Hammersmith and Fulham put aside 28,630 which included the cost of procuring an Information Asset Register (IAR). Hackney has spent 56,108.24 on consultancy as part of the council s readiness project, with a total budget of 141,250. Islington told us they had spent 35,000 on staff costs and training, with an extra 70,000 set aside within the Council s budget. The remaining Councils which did not respond with specific data either ignored the request or told us that GDPR budget was allocated within existing resources. Key findings from our research include: Our research showed that of the 16 boroughs which responded to our survey, a total of 1,222,804 was set aside for GDPR o Whilst a substantial figure, many IT experts we consulted considered this spend to be the very minimum required to deliver a basic programme to implement and maintain GDPR standards. Councils with larger populations tended to have more significant resources set aside o This is a logical outcome as a larger population inevitably leads to a higher volume of personal data. Most budget for GDPR spending is allocated to staff salaries and software o Many Councils have allocated budget specifically for staff costs to manage the GDPR processes. This illustrated the level of education and information governance required across the entire organisation to implement the regulation and manage its implications.

5 London s Councils have demonstrated tremendous resolve in recent years despite limited resources, growing populations and a complex political environment. Whilst the incoming GDPR will help standardise data handling policies within local authorities, it also presents significant additional financial costs and administrative overheads to cash-strapped Councils. The purpose of this report is not to criticise the IT strategies undertaken by local authorities in London, but to shed light into the preparations being made for a major piece of legislation. Our recommendations, based upon analysis of spending and resources alongside consultancy with leading IT experts are: 1. Consider implementing a shared services model for GDPR London Councils with shared service agreements have significantly lower overheads when it comes to GDPR management. This is because one IT model serves both organisations, enabling back office processes to be audited and data to be managed efficiently by one IT team. 2. Use collective external resources to hire GDPR expertise Many Councils we interviewed have invested in additional staffing to support implementation of the GDPR. We propose Councils consider a shared agreement for hiring external agencies and consultants to support GDPR strategy. This could include agreeing discounted contracts with providers at a reduced rate, serving up to three councils in one package. 3. Develop a GDPR blueprint for London London councils will all face similar implementation challenges around this legislation. It is therefore logical that a collective roadmap is developed and shared between local authorities so that each has access to implementation strategies and information. This could include sharing best practice protocols and guidelines for overcoming challenges during the processes.

Conclusion 6 The GDPR represents a major challenge for the way local authorities approach data security policies and handle public information. The implementation of these regulations and the ongoing adherence to them will require significant resources, including substantial IT expertise, consultancy and staff training. With council budgets often severely overstretched, delivering these high standards successfully poses a huge challenge both to CIOs and council leaders. However, the increased regulation brings with it an opportunity to transform the IT strategies behind public sector service delivery. The time has come for local authories to fully recognise and implement the benefits of shared services agreements, particularly with back office IT. The sharing of GDPR consultants, sharing of data management policies and implementation strategies will in turn reduce costs and create a more efficient example of local government in action. Shared services present a very exciting opportunity for building a leaner, more efficient local council infrastructure, and GDPR provides the perfect platform to test it. Thank you for your interest in his policy paper. The Parliament Street Research Team

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback