How would you respond to a freedom of information request, whilst ensuring compliance with the Data Protection Act? Get clear and practical guidance on this key data governance issue! Freedom of information is often mentioned in the same breath as data protection. In fact, the legal position is more complicated. Whereas data protection is about protecting individuals, freedom of information is about open government. The Data Protection Act is mainly concerned with the confidentiality and security of information, but the purpose of the Freedom of Information Act is to encourage the disclosure of information. Nevertheless, the Data Protection Act does permit 'subject access', whereby an individual can obtain a copy of the information held about them; it is at this point that the two pieces of legislation overlap. This authoritative pocket guide is designed to help information professionals, particularly in the public sector, understand the requirements of both Acts together with the ways in which they intersect. The guide looks at the restrictions on disclosure under the Freedom of Information Act, including the circumstances in which a request under the Freedom of Information Act must be declined, so as to protect personal data. The pocket guide also considers situations where disclosure of information about individuals under the Freedom of Information Act would not be in breach of the Data Protection Act because of the public interest in such disclosure. Benefits to data governance professionals include: -Find out how the Freedom of Information Act can be reconciled with the Data Protection Act The pocket guide sheds light on the question of when data has to be released under the Freedom of Information Act, and when data has to be kept confidential under the Data Protection Act -Understand the legal requirements of a request under the Freedom of Information Act Public bodies have a duty to help people obtain the information they seek. The pocket guide outlines the correct procedure for a public authority to follow when responding to a written request for information. -Find out what is meant by 'personal data' Under the Data Protection Act, personal data is exempt from disclosure if such disclosure would result in a breach of any of the data protection principles. The pocket guide offers an expert definition of personal data for purposes of the Act. -Understand the legal requirements of a subject access request under the Data Protection Act Under the Data Protection Act, the subject of the data has the right to see the information held about them. The pocket guide explains the correct procedure for handling a subject access request.
Chapter 1: Freedom of Information and the Data Protection Act Chapter 2: Overview of the Freedom of Information Act Chapter 3: Restrictions on disclosure under the Freedom of Information Act Chapter 4: Application of the Freedom of Information Act to organisations that are not public authorities Chapter 5: Freedom of Information Act procedure and time limits Chapter 6: Restrictions on disclosure of personal data Chapter 7: What is personal data? Chapter 8: The data protection principles The data protection principles Sensitive personal data Chapter 9: When should personal data be released? Cases where a disclosure would breach the data protection principles Cases where a disclosure (or partial disclosure) would not breach the principles Chapter 10: Subject access under the Data Protection Act Chapter 11: Requests made by one person on behalf of another Chapter 12: Checklist for disclosing information under the Freedom of Information Act where individuals are mentioned in the information Appendix: Glossary ITG Resources