Complying with the new Data Protection Act will prove time
consuming for local authority IT departments, directors have
warned.
Although there is no need to panic, IT faces an onerous task in
accounting for the more stringent new Act, said Ken Spronston, IT
director of Chester City Council.
"We have got a programme running to check we are compliant, and
we intend to consolidate 12 or so different registrations with the
data protection registrar as one," said Spronston.
Pat Collier, data protection officer at Bexley council, is
equally confident that her local authority will be compliant.
"We are auditing all our systems and will register new systems
by the 1 March deadline. We will get the rest of them into line
over the next 18 months," Collier said.
"A big challenge for us is that so much of our data is processed
by contractors. That means looking carefully at our processes and
our contracts with outsourcers," she added.
Both Collier and Spronston believe that local authorities'
biggest problems could lie in their paper records, which are not
part of the 1984 Act, but nevertheless do fall under the new
legislation.
Spronston also thought that council IT managers could find
themselves caught in contradictions over the Data Protection Act,
freedom of information and the Government's push for inter-agency
working.
"There is a potential conflict between the initiatives on open
government and data protection," said Spronston. "There are also
problems with initiatives like community safety plans where we
share information with other organisations and agencies," he
added.
Spronston said his authority was in contact with the data
protection registrar's office on a weekly basis seeking
clarification on legislation to ensure Chester City Council takes
necessary measures to comply.