Local authority’s data protection audit report shows room for improvement

The Information Commissioner (ICO) has handed a “limited assurance” rating to Central Bedfordshire Council in its data protection audit.

The ICO advised that the council take action to better its data sharing practises, records management and training and awareness.

The ICO report said: “There is a limited level of assurance that processes and procedures are in place and delivering data protection compliance.

The audit has identified considerable scope for improvement in existing arrangements to reduce the risk of non-compliance with the DPA.”

The report lists the council’s “areas of improvement”, including the fact that tere is currently no data protection role specific training for employees with “data sharing, Information Asset Owner (IAO) or subject access responsibilities“.

The report does, however, acknowledge “robust access controls to mitigate the risk of unauthorised access to electronic records“.

Related reading