Agenda item

Information Governance & Caldicott Guardian Annual Report

To receive the Information Governance & Caldicott Guardian Annual Report.

Minutes:

The Head of Governance, Audit & Procurement presented the Information Governance & Caldicott Guardian Annual Report which set out the work of Information Governance for 2025-2026, together with the work of the Caldicott Guardian and also set out the work for the 2026-2027 municipal year.

 

The council’s information governance arrangements formed part of the overall good governance framework and these arrangements were covered by the Freedom of Information Act, Environmental Information Regulations, UK Data Protection Act and the UK GDPR. 

 

During the reporting period, 76 more Freedom of Information Requests (FOIs) had been received compared to that in 2025-2026.  Despite the increase and the complex nature of the requests, 85% of the FOIs were responded to within the 20-day period set by law.  Environmental Information Requests, which were requests for information on areas such as noise and pollution, were down by 17 on the previous year and performance had increased to 89%.  In terms of data protection, subject access requests were the biggest ongoing challenge in terms of being resource intensive.  In relation to data breaches, there had been one data breach that met the threshold for reporting to the Information Commissioners’ Office.  This was currently being investigated and the outcome awaited.

 

In relation to the status of the Information Governance 2025/26 work programme, there had been good progress made throughout the year.

 

The role of the Caldicott Guardian was held by the Director for Adult Social Care and was crucial in overseeing the processing of social care data and having assurance that was undertaken legally and responsibly.  Work was being undertaken to explore the use of technology and the implementation of Magic Notes had been well received.

 

During the debate, some Members asked how the ICO benchmarked the percentages and did the council have any data.  Other Members asked, in relation to FOI requests, was there a pattern in where the requests came from and the reasons for them.  It was also asked if the council could do something different to get information out there to prevent FOI requests coming in and was there a search tool or a database approach to look for information.

 

The Head of Governance, Audit & Procurement explained that he attended a West Midlands Regional Group of Information Governance professionals and that there was an ongoing benchmarking exercise.  The council compared favourably with neighbouring authorities.  In response to FOIs, it was difficult to give an accurate picture as some requests could be from a personal email, but this address could be linked to the press or a company.  In response to the query regarding sharing information, officers confirmed that, in respect of contracting and transaction spend, the contractor register was available online showing payments over £100 and this assists in some requests for information.    Some 90% of Subject Access Requests were from adults with children in care.  In relation to searching there were certain tool that could be used but that was limited.

 

Upon being put to the vote it was, unanimously:

 

RESOLVED – that:

 

a)    the Information Governance Annual Report for 2025/26 be noted;

 

b)   the Caldicott Guardian Annual Report for 2025/26 be noted; and

 

c)    the Information Governance Work Programme for 2026/27 be agreed.

Supporting documents: