Accept Cookies?
Privacy Policy | Print Page | Contact Us | Report Abuse | Sign In | Become a Member!
IRMS PSG Event Reviews
Group HomeGroup Home Blog Home Group Blogs
A blog dedicated to reviews of IRMS Public Sector events. Reviews are also published in the IRMS Bulletin.

 

Search all posts for:   

 

June 2017: The RM relationship between public authorities and commissioned services in the third sector

Posted By IRMS, 28 September 2017
Updated: 28 September 2017

The event started at 9.30am with a welcome address by the Chair, Elizabeth Barber, with a word of appreciation to the host Westminster Archives.

Neil Reeves gave an overview of the work of the Exec since the last meeting and he gave a demonstration of the new IRMS website. Geoff Gray from Lewisham Homes asked where the data on the website was being held – Neil noted that it was the USA, but the appropriate checks have been made to ensure that the data is safe and secure. This was followed by presentations from the various speakers, who discussed broad range of issues relating to the theme of the day.

 

10.15am – Keynote speaker: Alison North – Creating and managing retention schedules so that third sector and public sector can work together

Alison spoke about retention and the many and varied challenges of its implementation. This sparked much interest and discussion in the room as many attending had faced similar difficulties and challenges!

A key element is to look at contracts with a ‘data protection hat’ on! Another key subject to consider is the purpose of the information – retention becomes easier to implement if you know the purpose for which is it being retained.

 

11.45am – Discussion section: Elizabeth Barber (Chair)

Some thoughts about how local authorities manage relationships with their third sector partners, followed by a workshop to produce 10 steps to managing partnership relationships between local authorities and the third sector. The room was divided into four groups and each was asked to come up with a list of 10 steps to managing partnership relations.

Lots of ideas were sparked and there was a lot of commonality amongst the groups – several key themes emerged. The groups came up with the following sets of priorities (in no particular order):

 

Group one (which was a mixture of County and District Councils):

1. Maturity of commissioning organisation and third party

2. Privacy impact assessment/information sharing agreement

3. Contract 4. Purpose

5. Ownership

6. Access/security

7. Performing/information systems

8. Taxonomy/reference data

9. Protective marking/handling

10. Classification/retention

 

Group two (which was a mixture of organisation types):

1. Retention and disposal

2. Common language

3. Legal basis for sharing

4. Early engagement at procurement stage

5. Clear about the information that is being shared

6. Transfer of data – rules need to be created around this

7. Clarity in contracting re ownership of the data/ information

8. Levels of security/sensitivity

9. Audit/assurance of the partnership

 

Group three (which was a mixture of organisation types):

1. Storage

2. Transfer management

3. Retention/disposal

4. Quality audit

5. Disclosure agreements

6. Training/awareness

7. Risk register

 

Group four (which was a mixture of organisation types):

1. Education

2. Clarity of purpose

3. Principles/standards

4. File formats/standards

5. Monitoring requests for access

6. Transfer at end of partnerships

7. Ensure information governance and records management included

8. Financial risk/cost

9. Lessons learned

 

2:00pm – Dr Paul Duller – Business continuity

Paul presented a very lively and entertaining talk on business continuity – the things that go well… and the things that go badly! Paul considered disaster planning for both information management and for information technology – the two go hand in hand.

 

3:00pm – Tony May – What records should be retained around fostering arrangements

Tony provided some useful hints and tips on the retention of fostering information. There tends to be a lengthy time period for this information and organisations need to take this into account.

 

Review written by Sarah Graham and originally published in the IRMS Bulletin, September 2017

This post has not been tagged.

Share |
PermalinkComments (0)
 

April 2017: Using codes of practice to shape your records management policy

Posted By IRMS, 28 September 2017

The meeting started at 9.30am with a welcome address by the Chairperson of the Event, Elizabeth Barber, with a word of appreciation to the host Westminster Archives and the sponsors for the day, Iron Mountain. This was followed by presentations from the various speakers who discussed a broad range of issues relating to using codes of practice to shape records management policies. Emily Overton gave an overview of the work of the Exec since the last meeting.

 

10am - Keynote Speaker: Paul Gibbons – Lord Chancellor’s Code of Practice on records management: Keeping records to meet corporate requirements

Paul started off the presentation with a quick quiz to ask those in attendance when/where the first Freedom of Information (FOI) Act was inaugurated. It turned out that the correct answer was Sweden, 250 years ago!

Paul went on to discuss comments made by Elizabeth Denham, the new Information Commissioner at an event in December 2016. Elizabeth noted: “If public authorities are placed under an effective duty to document regime, then we are telling them to write down their decisions, to note their reasons and most importantly to write things down well”.

Paul then went on to note various instances where the failure to document decisions hindered investigations. It was noted that the Public Records Act 1958 required organisations to select documents, not necessarily instigate a “duty to document”.

The Section 46 Code within the FOI does make it clear that records management is core to the FOI Act working properly. Paul quoted from the Section 46 Code, noting “FOI legislation is only as good as the quality of the records and other information to which it provides access. Access rights are of limited value if information cannot be found when requested or, when found, cannot be relied on as authoritative”.

Paul then asked the group – who is the minister in charge of the Section 46 Code? It turned out that it was not the Lord Chancellor who was in charge of the Code, but the Secretary of State for Culture, Media and Sport – they must consult the Chancellor of the Duchy though.

Paul noted that organisations should take the following into account:

        Laws, regulations and standards

        Precedent

        Protecting your rights, property, etc

        Justifying your actions

Organisations should also be clear on the four factors that are crucial in ensuring a record is fit for purpose:

        Authenticity

        Reliability

        Integrity

        Usability

Paul went on to discuss the requirements of GDPR – keeping records is a central requirement of GDPR – failure to do so can result in a very big fine.

Paul noted that the Information Commissioner has records management in her sights and we already have a duty to document in many cases…the FOI Act Section 46 Code Section 8 spells things out for us… and keeping records is central to GDPR compliance!

 

10.45am – Jenny Obee, Head of IT and Information Management at the London Borough of Barnet – Lord Chancellor’s Code of Practice on Records Management

The presentation discussed choosing and implementing an EDMS system – the end to end process of a successful implementation and the steps taken to get there.

 

11.45am – Jenny Obee, Head of IT and Information Management at the London Borough of Barnet Lord Chancellor’s Code of Practice on records management storage and maintenance of records

This presentation discussed retention and disposal, including big bucket theory.

 

12.30pm – Sponsor Presentation: Tim Callister, Iron Mountain – Whose record is it anyway?

Tim described the services that Iron Mountain can provide to organisations – this includes logistics services, legal advice and labour to help deliver records management programmes.

Tim then ran through some statistics of issues with records – for example, the average cost of a breach per record in 2015 was £112 and the average breach size of records was 21,695, which is a significant number of records!

Some interesting facts and figures were discussed, including some survey results which indicated that 89% of Business Leaders don’t understand what their information managers do! This is interesting food for thought for Records Managers.

Tim noted that Iron Mountain focused on the ‘what’, ‘where’, ‘when’ and ‘how’ elements of records management programmes.

Some discussion then took place around the different concepts of the Information Management profession. Some 50% of businesses say risk management, security and data privacy will be the most valued skills for information professionals over the next 3.5 years… but only 5% of information professionals saw risk, security and privacy as their principal role.

In fact… 53% of information professionals see information accessibility and delivery as the most important future capability. Clearly, an interesting difference of opinion and this generated much discussion in the room!

 

2pm – Sarah Graham, Corporate Records Manager, NHS England – Records Management Code of Practice for Health and Social Care 2016

The Information Governance Alliance published a new set of guidance for Records Management within the NHS in July 2016. Sarah took us through the key points within this document and discussed its importance within NHS England.

Sarah, first of all, discussed the key elements of the Code of Practice, before moving on to the role that the code played in developing the NHS England Document and Records Management Policy and the NHS England Records Retention and Disposal Guidance and Schedule.

Sarah described the background to the Code. The Code of Practice replaces the Records Management: NHS Code of Practice parts 1 and 2 (2006) that had previously been produced by the Department of Health. Whilst this Department of Health guidance was very good and detailed, it was due a refresh.

The new guidance has more focus on electronic records and has a reduced retention schedule. It is user-friendly and has practical case studies. There is a main section, three appendices – the final appendix concentrates on retention scheduling on pages 53 to 80. Sarah went on to discuss the sections in detail.

Finally, Sarah discussed NHS England’s approach to the code of practice. NHS England’s key move was to align its Records Retention and Disposal Schedule to reflect the guidance – Version 2.0 was published in January 2017. Some key areas had changed in terms of retention periods (eg, complaints had moved from 8 year retention to 10 years).

In cases like these, the Corporate Records Manager visited the teams to ensure that paper/ electronic systems were adjusted accordingly to reflect the July 2016 change in guidance. NHS England also reflected the guidance within the Records Management Policy – Version 4.0 of the Policy is being ratified at the moment.

 

2.45pm – Elizabeth Barber, Records Manager, Kent County Council – The importance of using the Section 46 Code as a core to your policy when it comes to an ICO audit

Elizabeth shared a few thoughts about how central the Section 46 Code was to any records management policy and how the use of the self-assessment tool available via The National Archives website provided a great focus for the visit from the ICO auditors.

 

Review written by Sarah Graham and originally published in the IRMS Bulletin, September 2017

This post has not been tagged.

Share |
PermalinkComments (0)
 
Contact Us

Chester House
68 Chestergate
Macclesfield, SK11 6DY
United Kingdom

Phone: +44 (0)1625 664520
Fax: +44 (0)1625 664510

Email: info@irms.org.uk

Follow Us
Become A Member

With a bi-monthly magazine, annual conference, accreditation possibilities and a competitively priced annual membership, there really is no reason why you shouldn't join this fantastic society!