Issue - meetings

The General Purposes Committee is requested to note the 2021-22 Annual Data Protection Officer report.

The Committee received Annual Data Protection Officer Audit which summarised the role of the Data Protection Officer (DPO) analysis of the Council’s data protection compliance and the schools’ data protection update.

The Chair requested an update regarding concerns raised at the previous meeting of the Committee about access to Department of Work and Pensions (DWP)/Her Majesty’s Revenue and Customs (HMRC) data which had been granted without the conditions outlined in the of Memorandum of Understanding (MoU) having been met, and the risks the Council faced should the DWP revoked access to the DWP/HMRC data which had been listed as a critical risk.

The Head of Internal Audit and Risk Management confirmed that Annual General Data Protection Regulation (GDPR) training had not been completed by all staff with access to the DWP/HMRC data, a mandatory Council requirement but would been by the end of July 2022.

At the Chair’s request an additional Audit and Risk training session for those Members who did not attend the session held on 16 June 2022.  It was essential that Members were made aware that GDPR posed a high to the Council.

ACTION: Head of Internal Audit and Risk Management/Governance

AGREED that the 2021-22 Annual Data Protection Officer Report be noted.