Civil Service Live Network


Log in
Lost password

Register

What do leaders need to make a bigger difference in the civil service?Click here to join our online discussion in the Make a bigger difference group.

Group discussion > Keeping information safe in the Big Society

Keeping information safe in the Big Society

Civil Service World

Profile

Colleagues

Colleague of

Files

Pages

Blog

Photo Albums

Poll

Civil Service World

Civil Service World
245 days ago

Under the coalition’s vision of Open Public Services, commissioners will be working with an increasingly diverse range of bodies to deliver public services. These organisations may need access to personal or sensitive data in order to deliver services effectively. This presents a range of challenges because no matter how small or new the organisation, that data will need to be protected.

Last month, Civil Service World and IT services company HP hosted a round table discussion covering some of the challenges – and possible solutions – around keeping information secure in this new context.

Highlights from the discussion included:

  • Melanie McGrory, an HP defence and security specialist, called for more, and clearer guidelines from central government to support better IA procedures, rather than any change in legislation.
  • Simon Lock, a records manager at the Security Industry Authority, said privacy impact assessments devised by the Information Commissioner’s Office (ICO) should be made mandatory for all providers.
  • Delegates also heard a view from the frontline. Michael Robins is head of the Ministry of Justice’s Independent Monitoring Board Secretariat, which supports over 1,800 volunteers working in prisons and immigration remand centres. He said that inconsistencies in departmental IA policies – and the way they are interpreted – restrict volunteers from accessing data on individuals.Attendees agreed that a more "outcomes based" policy and a sensible attitude to risk among IA officials could help ensure that systems to secure information are proportionate and appropriate to the new provider landscape.
  • Looking to the future, delegates focused on the importance of sharing: McGrory called for departments to share good practice in IA policies and implementation, while Ian McCormack, a senior information assurance consultant from  CESG suggested that a shared IT service with the required IA built in would provide a cost-effective way for new providers to meet government's requirements.  

You can read the full article here, but we'd also like to hear your thoughts. What are the biggest challenges to IA in the Big Society? Do we need changes to legislation around IA to meet the new risks of the Big Society? How can we encourage officials to take a more sensible approach to risk management, and what would support better sharing of good practice among both commissioners and providers?