Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Freedom of Information and Data Protection Legislation An Overview Ann McKeon November 2014.

Published byDomenic Prosper Stevens Modified over 8 years ago

Similar presentations

Presentation on theme: "The Freedom of Information and Data Protection Legislation An Overview Ann McKeon November 2014."— Presentation transcript:

1 The Freedom of Information and Data Protection Legislation An Overview Ann McKeon November 2014

2 Why was the Freedom of Information Act 1997 introduced ? Develop a culture of openness, transparency and accountability Implemented in Government Departments April 1998-Health Boards/Local Authorities Oct 1998 etc. Third Level Institutions - 1st October 2001

3 Entitlements: Students, Staff and the Public A legal right to: Access official (corporate) records (section 7) Access and amend, delete or correct your own personal records (section 17) Be given reasons for decisions which affect you from 1st October 2001 (section 18) Note: subject to exemptions

4 Implications of the Act For public bodies: A legal obligation to publish information (section 15 and 16) A legal obligation to establish mechanisms for handling requests A legal obligation to assist individuals to exercise their rights

5 Publications under the Act Section 15 Description of functions, structure, services, powers, classes of records held etc. Web based Purpose: assist individuals in exercising their rights under the Act

6 Publications under the Act Section 16 Internal rules, procedures, guidelines etc. used in the decision making process Mainly web based Purpose: assist individuals in exercising their rights under the Act

7 FOI Record Definition “The FOI Act states that a “record” includes “any memorandum, book, plan, drawing, diagram, pictorial or graphic work or other document, any photograph, computer record etc……..or thing in which information is held or stored and anything that is a part or a copy, in any form of any of the foregoing ….etc” (sect 2 of the Act page 9) (Includes emails – can be accessed under FOI) “Any record under the control of the university”

8 What records can be requested Records created after Act commenced- 21st April 1998 Student/public personal records regardless of when created Staff records created after 21st April, 1995 Earlier records if needed

9 Exempt/protected Records Personal information from third party access (s28) Information obtained in confidence (s26) Commercially sensitive information (s27) Functions and negotiations of public bodies (s21) Deliberations of public bodies (s20) Research and natural resources (s30) “public interest test” “injury or harm test” to justify withholding

10 FOI Process Decision maker: Initial decision within four weeks Internal reviewer: seek review within four weeks - decision within three weeks External review: seek review within six months –by Information Commissioner –binding decisions Appeal to High Court and Supreme Court (point of Law only)

11 Maynooth University requests Media requests Staff requests Public requests Student requests

12 Impact Records released routinely Records of meetings/decisions published on web Diminished culture of secrecy Improved security of Data

13 Impact Write objectively, support opinions with facts, ensure information is relevant to the matter Document reasons for decisions and refer to policies in decision making Records management (accurate recording, filing and retrieval) Advise people of FOI rights and assist them in exercising their rights

14 Impact Record content Avoid technical jargon (explain if necessary) Keep language simple and concise Sign and dates entries Legible handwriting Remove draft copies from files

15 FOI (Amendment) Act 2003 €15 “up front” fee for an application for access to non personal records (€75 for Internal Review, €150 for external review) Does not apply to applications for access to personal records Clarification/amendments to exemptions Publication of section 15 and 16 Increased protection for Government records

16 The Freedom of Information Act 2014 Removes the main restrictions on access to official information introduced by the FOI (Amendment)Act 2003 Extend FOI to all public bodies Extension of FOI to non-public bodies receiving significant public funding. Removes €15 application fee. Reduced fees for non personal records

17 Fees €15 initial application fee repealed Minimum threshold of €100 below which no search, retrieval and copying fees can be charged. Once the charge exceeds €100, full fees apply There is a cap on the amount of search, retrieval and copying fees that can be charged of €500 Upper limit on estimated search, retrieval and copying fees at €700 above which an FOI body can refuse to process a request, unless the requester is prepared to refine the request to bring the search, retrieval and copying fees below the limit; Fee for internal review under Section 21 is now €30 (€10 for medical card holders and their dependants) The fee for appeals to the Information Commissioner under Section 22 is now €50 (€15 for medical card holders and their dependants).

18 Data Protection Act 1988 and the Data Protection (Amendment) Act 2003 Why was Data Protection introduced: To regulate the collection, processing, keeping, use and disclosure of personal data To give individuals access to their data and allow them to amend it if incorrect To comply with EU Directives

19 Data Protection Act 1988 and the Data Protection (Amendment) Act 2003 What is data protection? It is the safeguarding of the privacy rights of individuals in relation to the processing of personal data. The Data Protection Acts 1988 and 2003 confer rights on individuals as well as responsibilities on those persons processing personal data.

20 Data Protection Act 1988 and the Data Protection (Amendment) Act 2003 Protects privacy rights of individuals Legal right of access to personal records (only) held on computer or on manual relevant filing systems Applies to all organisations - private and public (FOI -public sector only)

21 Data Protection record definition Personal Data data relating to a living individual who is or can be identified from the data or from the data in conjunction with other information that is in, or is likely to come into the possession of the data controller

22 What is a “relevant filing system”? any set of information relating to individuals to the extent that, although the information is not processed by means of equipment operating automatically…the set is structured, either by reference to individuals or … to criteria relating to individuals in such a way that specific information relating to a particular individual is readily accessible

23 What is “sensitive personal data” Racial or ethnic origin, political opinions, religious or philosophical beliefs Trade union membership status Physical or mental health or condition or sexual life Commission or alleged commission of offence

24 Eight Rules of Data Protection for Data Controllers Obtain and process information fairly Keep it only for one or more specified, explicit and lawful purposes Use it and disclose it only in ways compatible with these purposes Keep it safe and secure Keep it accurate complete and up to date

25 Eight Rules of Data Protection Ensure that it is adequate, relevant and not excessive. Retain it for no longer than is necessary for the purpose or purposes Give a copy of his/her personal data to that individual on request www.dataprivacy.ie

26 Exempt/Protected records Information about other people Information received in confidence Prejudicial to investigations, prosecutions Legally privileged information Prejudicial to security of State, prisons, international relations Health and Social work records without agreement of Health/Social work Professional

27 FOI and Data Protection: differences Different definitions of “personal information” DP Act: no provisions for access to records of children, incapacitated or deceased DP Act: 40 days for reply (FOI: 28 days) Different exemptions in both Acts Different rights of review FOI Public sector only - Data Protection Public and Private

28 Risks/Challenges FOI and DP Security of Data Security Breaches Client/customer care versus legal obligations Up to date and accurate records Control of records

29 Risks/Challenges FOI and DP Ensuring compliance with the law Audits by FOI and DP Commissioners Limited resources

30 Responsibilities Laptops Mobile devices Safegaurding Personal data Physical security Technical security

31 FOI Management/Compliance Publications (section 15 and 16) Information leaflets, booklets, website (Legal obligation to promote FOI) FOI access procedures and routine access procedures Student /Staff awareness and training Records management

32 Data Protection Management/Compliance Data Protection Policy Privacy statement Staff guidelines DP access structures and procedures Consent of data subjects Staff training

33 Contact Ann McKeon Freedom of Information Officer Room 25Humanity House Maynooth University Tel: 01 7086184 Email: ann.mckeon@nuim.ie Website https://www.maynoothuniversity.ie/freedom- information

Download ppt "The Freedom of Information and Data Protection Legislation An Overview Ann McKeon November 2014."

Similar presentations

DATA PROTECTION and Research University Research Ethics Committee – 30.05.2008 David Cauchi David Cauchi Office of the Commissioner for Data Protection.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.
Data Protection Information Management / Jody McKenzie.

Data Protection Information Management / Jody McKenzie.
Information & Compliance UL University of Limerick & UL employees obliged to comply with certain legislation, including: Freedom of Information.

Information & Compliance UL University of Limerick & UL employees obliged to comply with certain legislation, including: Freedom of Information.
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
Data Protection.

Data Protection.
BC Freedom of Information and Protection of Privacy Act

BC Freedom of Information and Protection of Privacy Act
DATA PROTECTION and Research University Research Ethics Committee – 08.05.2006 David Cauchi Office of the Data Protection Commissioner.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
Data Protection and Records Management

Data Protection and Records Management
Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.

Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.
Data Protection: The Law. EU & Irish Legislation Data Protection Directive 95/46/EC Electronic Privacy Directive 2002/58/EC EUROPOL etc Data Protection.

Data Protection: The Law. EU & Irish Legislation Data Protection Directive 95/46/EC Electronic Privacy Directive 2002/58/EC EUROPOL etc Data Protection.
Audiences NI Data Protection Workshop

Audiences NI Data Protection Workshop
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview

Data Protection Overview
Protecting information rights –­ advancing information policy Privacy law reform for APP entities (organisations)

Protecting information rights –­ advancing information policy Privacy law reform for APP entities (organisations)
 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.

 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.
Data Protection for Church of Scotland Congregations

Data Protection for Church of Scotland Congregations
Health & Social Care Apprenticeships & Diploma

Health & Social Care Apprenticeships & Diploma
Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.

Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.
Data Protection and You Your Rights & The Law Registration Basics Other Activities Disclaimer: This presentation only provides an introductory info. Please.

Data Protection and You Your Rights & The Law Registration Basics Other Activities Disclaimer: This presentation only provides an introductory info. Please.

Similar presentations

Ads by Google