AUTHOR
Paul Simpkins
PUBLISHED IN
ETHICOMP Journal Vol 1 Issue 2
ABSTRACT
I was appointed to the post of Data Protection Compliance Officer in the summer of 1998 following a report to Council Management Board stating that there was no co-ordinated approach to Data Protection in Bradford Council and in anticipation of tougher regime with the new act. Data Protection had been under local control for ten years and there were pockets of good practice but entire wardrobes full of bad practice.
My brief was wide. Carry out a data audit, raise awareness via training, manage external liaison, work in a co-ordinating role to pull the various strands together and to be involved with policy-making especially in the area of IT legislation which for some reason seems to be the filing cabinet into which Data Protection had automatically been placed.
Data Protection is a difficult subject on which to deliver training. It’s rather dry and much of the time involves balancing the rights of individuals on the scales of competing legislation. If you hear a speaker from the Information Commissioner’s office they clearly know their onions but jump from Schedule 3 to Principle 7 without shedding a single tear. (That’s from conditions for processing sensitive vegetables to security of kitchen knives if you weren’t sure…)
I opted for a more practical approach which would involve relating the law to incidents which happen within the experience of the staff at Bradford Council. I was keen to involve both Legal and Audit as allies in this operation and I was fortunate in meeting two people who thought the same way. Between us we evolved the Bradford Way… In this paper I hope to outline the aims and objectives of a Data Protection Compliance Officer working in the public sector. I will offer an insight into the life of a Data Protection Compliance Officer. Wherever possible I will bring in examples from real life to illustrate the points and I hope to give you some indications of how this important piece of legislation will be managed in the future.
The new Act is a small step for man but is part of a whole flight of stairs for personkind in Bradford. We have to consider the Crime & Disorder Act, the Public Interest Disclosure Act and soon the Freedom of Information Act. Central Government is promoting the delivery of services by electronic means and Local Government is being encouraged into more and more partnerships with external agencies where sharing of data becomes the norm. These have to be properly managed and the rights of individuals need protecting.