Information requests compliance policy

We recognise the obligations placed upon it by a number of different statutes introducing information regimes in Scotland. It has due regard to the provisions of the legislation and the associated codes of practice as part of the council’s integrated approach to compliance. This policy and related procedures for the provision of access to information under

  • the UK General Data Protection Regulation (UK GDPR)/Data Protection Act 2018 (DPA)
  • the Freedom of Information (Scotland) Act 2002 (FOI(S)A)
  • the Environmental Information (Scotland) Regulations 2004 (EI(S)Rs) (all referred to as “the statutes”)

It will be revised on a regular basis in line with any changes and emerging best practice.

Scope and purpose

This policy applies across South Lanarkshire Council, to all Council Committees, Resources and Services, and to all information held, regardless of format, by the council. 

This policy sets out the principles governing our procedures, actions and decisions relating to the processing of requests for information in terms of the statutes and responsibilities for ensuring compliance with the statutes across the council.

Principles 

Requests for information

In terms of the statutes, all individuals (and organisations in relation to FOI(S)A and EI(S)Rs) have the right to request access to information held by South Lanarkshire Council. These rights may apply to the individual as a member of the public or because the information is “personal data” relating to that individual. In processing these requests we are committed to:

  • providing applicants access to information wherever possible and appropriate, applying the exemptions or restrictions on rights set out in the statutes only when there is a clear reason for doing so
  • levying fees following the statutes or regulations made under them or as set by the council
  • meeting the expressed needs of applicants, for example through the provision of information in an alternative format such as large print, electronic format, or different language, wherever possible
  • providing applicants and potential applicants with details of their rights under the statutes, 
  1. for FOI/EI(S)Rs, this includes the right to request a review of the council’s decision in relation to a request for information, and the right to appeal for a decision from the Scottish Information Commissioner in relation to FOI(S)A and EI(S)Rs); and
  2. for the UK GDPR/DPA, this includes the right to complain to the council’s Data Protection officer, the right to complain to the Information Commissioner and the right to enforce their rights through the courts and
  • regularly monitoring procedures for processing requests to ensure that they meet the legislative requirements and reflect emerging best practice.

Review procedure (FOISA and EI(S)Rs only)

Following the statutes, we have put in place a procedure for reviewing our actions and decisions in response to requests for information. In setting up this procedure and carrying out reviews of our decisions we are committed to ensuring:

  • a fair, balanced review procedure, independent from the original decision-making process
  • informing applicants of their right to appeal to the Scottish Information Commissioner for a decision if they are dissatisfied with the outcome of the Review Panel and
  • sharing decisions of the Review Panel with officers to ensure that lessons are learned and shared and that FOISA and EI(S)Rs are applied consistently

Responsibilities

The council as a whole has responsibility for compliance with the statutes. However specific responsibilities will be placed on:

  • the Information Governance Board to monitor the effectiveness of this policy and related procedures across the council and where necessary to update this policy and related procedures and guidance
  • the Corporate Management Team to monitor the performance of the council in relation to meeting its obligations in respect of information requests compliance
  • the Information Governance Board to provide training, guidance and advice on how to interpret the statutes
  • the Data Protection Officer to provide guidance, advice and to monitor the Council’s compliance with the requirements of the UK GDPR/DPA to the council
  • the Chief Executive and Executive Directors to enforce this policy across the organisation and each Resource
  • line managers to interpret this policy and associated controls in their areas of responsibility and ensure that staff reporting to them are made aware of their responsibilities in carrying these out and
  • Individual staff members to apply the controls as agreed with their line manager

Contact

For more information relating to FOI and the EI(S)Rs, email the council’s Information Compliance Manager foi.request@southlanarkshire.gov.uk

For more information relating to the UK GDPR/DPA 2018, email the council’s Data Protection Officer dp@southlanarkshire.gov.uk

Enquires can also be made by phoning 0303 123 1015 or by post to Administration and Legal Services, Finance and Corporate Resources, Council Offices, Almada Street Hamilton ML3 0AA

 

If you need this in another language or format, please contact us to discuss how we best meet your needs. Phone 0303 123 1015 or email equalities@southlanarkshire.gov.uk

 

March 2019