Policy and Resources Committee

28 September 2016

Is the final decision on the recommendations in this report to be made at this meeting?

Yes

 

Information Management Strategy

 

Final Decision-Maker

Policy and Resources Committee

Lead Director

Director of Finance and Business Improvement

Lead Officer and Report Author

Angela Woodhouse, Head of Policy and Communications

Classification

Public

Wards affected

 

 

 

This report makes the following recommendations to this Committee:

1.   To review and approve the Information Management Strategy attached at Appendix A.

2.   To identify a lead member for Information Management.

 

 

 

 

This report relates to the following corporate priorities:

Effective information management will improve decision making and impacts on both the council objectives.

·         Keeping Maidstone Borough an attractive place for all

·         Securing a successful economy for Maidstone Borough

 

 

Timetable

Meeting

Date

Policy and Resources Committee

28 September 2016

 

 



Information Management Strategy

 

 

1.        PURPOSE OF REPORT AND EXECUTIVE SUMMARY

 

1.1     The strategy sets out our approach to information governance and assurance and actions we will be taking in regard to information management.

 

 

 

2.        INTRODUCTION AND BACKGROUND

 

2.1     All information needs to be managed across its lifecycle. How well this is done will significantly impact how any organisation meets both its legal compliance obligations and how efficient and effective it is. An action plan has been in place since 2014 to address the quality of the Council’s document and record management arrangements. The Audit, Governance and Standards Committee have been updated on the action plan as part of the review of the council’s annual governance statement.

 

2.2     The Strategy sets out the Council’s vision for information management and cornerstones for ensuring we have information that is accessible, fit for purpose and open and transparent.

 

2.3     A significant number of actions have been completed to date including:

 

·         New Freedom of Information and Data Protection Guidance

·         Information Asset Register

·         New data protection and information management module on the e-learning system

·         Public Disclosure Log for FOIs

·         Information Sharing Policy

·         Guidance for staff on information Sharing

·         Information Risks included as part of corporate risk register

·         Senior Information Risk Owner in place

·         Information Management Group established

·         Training delivered on data protection at information management at a unit manager level and with key teams

 

2.4    The strategy at Appendix A includes an action plan setting out the action we will take to ensure there are effective information management and governance arrangements in place.

 

 

3.        AVAILABLE OPTIONS

 

3.1     The Committee could choose not to agree the Strategy and Action Plan. This will increase the risk in regard to information management as there is currently no Information Management Strategy

 

3.2     The Committee could amend the strategy and action plan or approve the strategy and action plan as per appendix A.

 

3.3     The Committee could decide not to appoint a lead member for information management. The lead member should have a good understanding of this strategy and promote the vision for information management alongside the Council’s Senior Information Risk Owner. Councillors use information to reach decisions about priorities and the allocation of resources. It is important they have confidence in the information and data they are given and have an adequate understanding of the importance of data quality and information management

 

 

 

 

 

4.        PREFERRED OPTION AND REASONS FOR RECOMMENDATIONS

 

4.1     The Information Management Strategy and Action Plan sets out the Council’s vision and approach to information management and governance. Information is an essential asset for Maidstone Borough Council. Without our information assets we simply cannot operate; an essential source of knowledge and learning, information helps to inform our decision making. The purpose of this strategy and supporting policies and procedures is to ensure that it is managed effectively and efficiently so we can find the information when we need it and to be confident that it is safeguarded appropriately.  It is not easy to get information management right; however, the cost of getting it wrong can be high, resulting in poor decision making, increasingly punitive monetary penalties from the Information Commissioner’s Office and reputational damage that can ensue from data protection breaches and ill-conceived decisions.

 

4.2     The benefits of the strategy tie directly into Maidstone’s Values and include:

 

·      Efficiency savings through more effective use of physical and electronic storage and staff productivity.

·      Better customer service through improved access to relevant information, making requests easier to handle in a shorter amount of time.

·      Environmental benefits by reducing reliance on paper files and physical storage.

·      Better working environment through removal of irrelevant information from the office environment, allowing staff easier access to the information required to perform their job.

·      Improved compliance with the MBC’s legal requirements.

·      Provide a sound basis for transition to e-government and services.

 

4.3     The vision for Information Management is:

 

“Maidstone Borough Council is committed to being a compliant organisation that consistently improves the way we manage our data and information. Information matters and we aim to build the Council’s capability in managing it, enabling us to increase our knowledge and insight and ultimately ensuring well informed decision-making to meet our strategic priorities and deliver excellent services.

To deliver the IM vision our information will be managed in a way that is:

·       Accessible;

·       Fit for purpose; and,

·       Open and Transparent”

 

 

4.4     The strategy sets out the governance framework and responsibilities in the Council. The Council has an established Information Management Group whose role is to provide direction, support and manage information risk and security.

 

4.5     The strategy at Appendix A includes an action plan to improve information management at the Council. This includes reviewing how data is stored and disposed, training for all staff and updating and disseminating policies and procedures on information management.

 

4.6     The lead member will have a role in promoting the strategy and raising awareness and understanding of the importance of information management and governance.  They will be invited to attend the Information Management Group at six monthly intervals and will work alongside the Council’s Senior Information Risk Owner.

 

 

5.       CONSULTATION RESULTS AND PREVIOUS COMMITTEE FEEDBACK

 

5.1     The Strategy has been through the Information Management Group and Corporate Leadership Team. The Policy and Resources Committee is asked to consider and approve the Strategy.

 

6.       NEXT STEPS: COMMUNICATION AND IMPLEMENTATION OF THE DECISION

 

6.1     Once the Strategy has been approved it will be added to our internet and intranet and disseminated to unit managers. Further training on information management is planned to support the strategy.

 

 

 

 

7.       CROSS-CUTTING ISSUES AND IMPLICATIONS

 

Issue

Implications

Sign-off

Impact on Corporate Priorities

Effective information management will improve decision making and impacts on both the council objectives.

 

Head of Policy and Communications

Risk Management

The senior information Risk Owner will take ownership of Information Management and act as a champion for risk.

Head of Policy and Communications

Financial

There are significant financial implications if we fail to govern and manage our information properly. The initiatives in the strategy will be delivered within existing resources

Head of Policy and Communications

Staffing

All staff have responsibilities in relation to information management, training will continue to be delivered to ensure staff are aware of these.

Head of Policy and Communications

Legal

The Council has an obligation to comply with the legislation relating to information held or created by the Council, these are set out in the strategy

 

Equality Impact Needs Assessment

Some data we store may be sensitive and/or personal data and we have a duty to look after and manage this information correctly. We also have a duty to ensure information is accessible to all and transparent

Head of Policy and Communications

Environmental/Sustainable Development

N/A

Head of Policy and Communications

Community Safety

Failure to manage information correctly could increase risks to individuals/communities

Head of Policy and Communications

Human Rights Act

See legal section above

Head of Policy and Communications

Procurement

N/A

Head of Policy and Communications

Asset Management

Information is one of the council’s biggest assets, the strategy sets out how this information will be managed.

Head of Policy and Communications

 

8.        REPORT APPENDICES

The following documents are to be published with this report and form part of the report:

·                    Appendix A - Information Management Strategy

 

9.        BACKGROUND PAPERS

 

None