Book contents
- Frontmatter
- Dedication
- Contents
- Acknowledgements
- 1 Introduction to information rights law
- 2 Freedom of information
- 3 Freedom of information exemptions
- 4 Data protection: principles and main features
- 5 Data protection: rights of data subjects
- 6 Data protection: internal enquiries
- 7 Environmental Information Regulations
- 8 Other information-related laws
- 9 Fitting information and records management into information rights work
- 10 Resources
- Notes
- Index
9 - Fitting information and records management into information rights work
Published online by Cambridge University Press: 01 June 2019
- Frontmatter
- Dedication
- Contents
- Acknowledgements
- 1 Introduction to information rights law
- 2 Freedom of information
- 3 Freedom of information exemptions
- 4 Data protection: principles and main features
- 5 Data protection: rights of data subjects
- 6 Data protection: internal enquiries
- 7 Environmental Information Regulations
- 8 Other information-related laws
- 9 Fitting information and records management into information rights work
- 10 Resources
- Notes
- Index
Summary
Introduction
It is usual that you will also be managing records as well as responding to requests for information, particularly in organizations that are not big enough to require an information governance team. One-man bands covering information rights and information and records management (IRM) are common. The issues relating to this are:
convincing staff in your organization to properly manage their records in order to support providing information in response to requests;
applying records management principles so as to, at best, help support staff in their daily work and, at least, avoid a practice recommendation from the Information Commissioner;
finding the time for IRM tasks that don't have the same tight deadlines that information requests come with.
This chapter is not intended as a comprehensive review of IRM practice but to offer a brief guide based on the requirements of the legislation for those who need a refresher on the legal requirements, or for Freedom of Information Officers and DPOs who are coming to this subject new. As such, the international standard for records management (ISO15489) is not covered, although it is worth looking at if you are developing a records management programme.
Information and records management: is it necessary?
The short answer to this question is yes. Data protection, Freedom of Information (FoI) and environmental information all rely on having good records that can be used to support provision of the information requested. If your organization does not have well organized records, it will be difficult to find, identify and provide the information re quested, and also to know what information you have provided on request.
The new requirements for record keeping in the GDPR also support the need for good information and records management. Your organ - ization will need to keep track of where personal data is held and what conditions for processing you are using, amongst other tasks. If you cannot provide records to the ICO or the data subject promptly, there will be consequences, up to the imposition of fines. The ICO already has powers to require that information is provided to it by a public authority and can apply to the courts to have the powers of entry and inspection granted if an information notice is not complied with.
- Type
- Chapter
- Information
- Information Rights for Records Managers , pp. 181 - 188Publisher: FacetPrint publication year: 2018