- Your service
- GDPR/Data Protection
- Freedom of Information
- Disclosure Log
- 2022 - FOI requests
- FOI 1706 - Staff Inform...
1. Who is the SIRO / Senior Information Risk Owner, or equivalent. A name and job title, or if they are below the disclosable level just a job title is fine, could you also provide a contact email for this person.
The SIRO is currently the Director of Governance and Commissioning. His contact details are available on the website within the Freedom of Information pages.
2. Do you have, or are you planning to have, appointed Information Asset Owner’s (IAO’s) (or a similar role such as data stewards, data owner, etc)
The Service nominates the Heads of Department as Information Asset Owners.
3. If the answer to Q2 is yes, how often are they trained and who is responsible for organising the training? (as in, the person)
An e-learn module is provided for training. There are no timescales or schedules for this currently but this is under consideration.
4. Are you or have you considered becoming ISO 27001 compliant or certified? If so whom is responsible for the project? (as in, the person)
The Service has no intention to seek ISO 27001 accreditation. However the information standards adopted are aligned with or based on best practice.
5. When did you last conduct a Physical Security risk assessment of the Services building(s)/estate(s), and who is responsible for managing risk in this area? (as in, the person)
Physical security is assessed continuously by employees. A formal information risk assessment has not been completed recently due to CoVid restrictions
6. Who is your DPO (Data Protection Officer) or responsible person for DPO duties?
The DPO role is published on the website.
Please note the Freedom of Information (FOI) Publication Scheme lists certain standard information that organisations must publish. This means you can easily access information such as roles and contact details without waiting for us to respond and using the published information also reduces the demand on the public sector in responding to requests.
The FOI s21 exemption means we are not required to provide information if the information is reasonably accessible by other means. Please visit our website where you will find the information referred to in our response above as well as other useful information.
Last updated: Friday, 16 February 2024