Agenda item

Report of the Executive Director of Resources

The Committee considered a report of the Executive Director of Resources, which provided an overview of the number of requests for information received under the Freedom of Information Act 2000 (FOIA), the Environmental Information Regulations 2004 (EIR) and the Data Protection Act 1998 (DPA).

Under the Freedom of Information Act, the Council is required to provide the public with a means for requesting information held by the Authority, subject to any exemptions that may apply.  In addition, Section 39 of Freedom of Information Act required the Council to process requests for environmental information under the Environmental Information Regulations 2004.  The EIR process, whilst similar to FOIA, promoted ‘proactive dissemination’ of information and provided fewer grounds for the Council to withhold information.  Both FOIA and EIR permit personal data, as defined by the Data Protection Act 1998, to be withheld where the applicant is not the subject of the data.

The Council is obliged to respond to information requests within 20 calendar days, provided that the requests are in writing, an address for responding to has been provided and it contains sufficient information for the Council to be able to confirm or deny whether information is held, subject to any exemptions.  The Information Commissioner’s Office (ICO) monitors and publishes information about those authorities who respond to 85% or less of requests within 20 working days.  During 2014/15, the Council received 1,307 requests (1,237 FOIA and 70 EIR) of which 1,029 (79%) were completed within 20 working days.  Although the Council did not record the reasons why requests exceeded the statutory timescales, this could be due to delays in identifying whether information is held/and or internal deliberations around the application of any valid exemptions.

The Data Protection Act 1998 requires the authority to process personal data in accordance with the principles of the Act, which includes providing a means for an individual to request access to information that the Council processes about them, subject to any exemptions that may apply.  Requests have to be responded to if the applicant has provided sufficient information to identify and confirm who they are and a payment of the statutory £10 fee, if applicable, has been made.  DPA requests have to be completed within 40 calendar days.  During 2014/15, the Council received 224 DPA subject access requests, of which 154 (69%) were completed within 40 calendar days.

For all requests, the Council was required to inform the requester of its internal review process to consider complaints in regard to how requests had been handled.  This process was handled by the Information Governance Team.  After a review had been completed, the applicant had a right to complain to the ICO for an independent ruling on the outcome of the review.  The ICO would issue a decision notice on whether the complaint had been upheld, partially upheld or not upheld and, where applicable, the actions the authority had to undertake. 

The Council received 20 requests for FOIA/EIR internal reviews and the report set out the grounds for the review, along with the outcome.  The Council did not receive any ICO complaints during the course of the year in relation to FOIA/EIR requests.  In addition, the Council received 15 requests for DPA internal reviews and the grounds for the review and the outcome was also set out in the report.  The Council received 8 ICO complaints during the course of the year in respect of DPA requests and the Committee noted that none of the complaints were upheld.

The Committee were advised that, while the percentage of requests responded to within the statutory time limits had fallen during the year, staff turnover within the Information Governance Team and across the Council, as well as changes to the way in which requests were handled had impacted on the performance rate. The team had also been restructured and there were currently 2 vacant posts, including the Senior Information Governance Officer, which were in the process of being recruited to.  The recent programme of ER/VR had an impact as well in that the people who routinely dealt with requests for information were no longer employed by the Council. 

Whilst the Committee noted that the report indicated that there were no specific financial implications in relation to the report submitted, they were of the view that it would be helpful to have an understanding of the cost implications of undertaking FOIA/EIA and DPA requests, such as officer time incurred.  It was agreed that future reports should include this information.

RESOLVED that the Audit and Procurement Committee:-

1.  Note the Council’s performance for responding to access to information requests report, the number and outcome of internal reviews and the number and outcome of complaints made to the Information Commissioners Office.

2.  Request that following the appointment of the Senior Information Governance Officer, a further update report be submitted to the Committee and the relevant Cabinet Member on the performance for responding to requests for information.

3.  Request that future reports include detail on the level of costs, such as officer time, incurred in responding to Freedom of Information Act, Environmental Information Regulations and Data Protection Act requests.