SCOTTISH LOCAL AUTHORITIES SET FOR GDPR
Local authorities across Scotland are reaping major benefits whilst preparing for the EU’s General Data Protection Regulations (GDPR), thanks to collaborative working within the Local Government Digital Partnership.
New measures enforceable from 25 May 2018, will mean local authorities face stricter guidelines on how they collect, store, record and share personal data. The Scottish Digital Office GDPR Readiness Project has allowed councils to work collaboratively to produce key resources which have been shared amongst the 30 local authorities.
Leading the project on behalf of the Scottish Digital Office, Glasgow City Council and Fife Council have worked to produce a GDPR toolkit containing a fully-worked out project plan and project risk register, detailed analysis of the new rules, flowcharts for establishing the legal basis for processing, data protection impact assessment templates, data gathering templates, technology compliance assessment materials and guidance plus education materials for staff. As a result, this pool of specialised resources has provided major benefits to all the partners.
These benefits are realised by allowing materials to be re-used widely and avoiding duplication of effort. Councils have been able to move much more quickly from planning to implementation, something which will achieve the expected outcomes set out at the beginning of the GDPR project whilst helping accelerate its execution. The production of the implementation plan has ensured good data governance practices are established to include GDPR, with the aim of reducing money to be spent on the new legislation non-compliance fines - a huge reputation benefit for councils.
Paul Elliott, Project Manager and Corporate Governance Advisor at Glasgow City Council, said: “Local authorities that have been using our shared materials will have saved a considerable amount of time and resource whilst preparing for GDPR and should be more confident in ensuring compliance with the new data protection legislation.”
Having one consistent legal interpretation of the new legislation has also ensured the requirement for resources across the Partnership has been sizably reduced whilst creating a common understanding of the legislation’s impact. As an unintended benefit, an efficient model for future data legislation changes has now been tried and tested within this project.
Meic Pierce Owen, Records Manager at Fife Council, said: “All of the resources are shared on the Knowledge Hub, a collaboration platform for partners to exchange knowledge, experiences and ideas. This has proved a valuable tool for on-going collaborative development of GDPR within the Partnership, which should help reduce development costs across Scottish local authorities.”
The new regulations require local authorities to carry out a full information audit and for many, a culture change to ensure they do not face the major fines that can be imposed on councils and other bodies for data protection breaches.
Martyn Wallace, Chief Digital Officer for Scotland, said: “Our GDPR Readiness Project has delivered substantial benefits to our partners as well as avoiding unnecessary costs, which is crucial at a time where our partners need it most. Credit must go to all our project team, particularly Glasgow City Council and Fife Council who have worked solidly on behalf of the Partnership to deliver this project over the last year.”