information management policy - cambs. · pdf filecambridgeshire constabulary, information...
TRANSCRIPT
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 1 of 12
BCH14/001 Joint
Information Management
Policy (IMP)
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 2 of 12
TABLE OF CONTENTS
1. POLICY AIM ................................................................................................................................... 3
2. APPLICABILITY ............................................................................................................................. 3
3. THE POLICY .................................................................................................................................. 3
4. ASSOCIATED DOCUMENTATION............................................................................................... 3
5. WHO TO CONTACT ABOUT THIS POLICY ................................................................................ 7
6. EQUALITY ANALYSIS ................................................................................................................... 8
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 3 of 12
1. POLICY AIM
1.1 It is the aim of Bedfordshire Police, Cambridgeshire Constabulary and Hertfordshire Constabulary (BCH) to
establish clear and consistent processes and structures for the collection, recording, evaluation and action,
sharing, review, retention and disposal of information gathered for a policing purpose.
1.2 The aim of this policy is to provide clear direction, support and commitment to the discipline of Information
Management across the forces. Each force has a duty to obtain and use a wide variety of information (including
personal information) in order to discharge its responsibilities effectively.
2. APPLICABILITY
2.1 This policy applies to all Bedfordshire Police, Cambridgeshire Constabulary and Hertfordshire Constabulary,
Police Officers and Police Staff including, Special Constabulary, Police Community Support Officers, Volunteers,
contractors and temporary staff.
3. THE POLICY
3.1 Scope
3.1.1 This policy applies to all information held and used by all three Forces including that used for policing duties and
for administrative purposes such as HR, Finance, fleet, etc.
3.1.2 The Authorised Professional Practice (APP) for Information Management, defines policing duties as: -
Protecting life and property
Preserving order
Preventing the commission of offences
Bringing offenders to justice
Any duty or responsibility of the police arising from common or statute law.
3.1.3 This policy has been assessed and due regard has been given to the College of Policing - Code of Ethics.
3.2 Information Management Strategy (IMS)
3.2.1 The three forces will produce and publish an IMS.
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 4 of 12
3.3 Information Charter
3.3.1 The three forces will produce and publish an Information Charter.
Information Management covers a number of discrete but interrelated areas of business and the following section is a brief policy statement for each of these areas.
3.4 Information Management
3.4.1 All three Forces will comply with APP for Information Management.
3.4.2 Each Force recognises that the collection of appropriate information with a high standard of data quality, its
accurate assessment and timely exploitation are core to efficient policing and is committed to implementing this
legislation and guidance with particular emphasis on maximising the benefits which this will bring to operational
policing.
3.5 Data Protection Act 1998
3.5.1 The Forces are committed to ensuring that Officers, Staff, Specials and Volunteers undertake their legitimate
duties in a manner that is compatible with the Data Protection Act 1998 and will endeavour to ensure that the
data protection principles are applied to all personal information held and used by the Force.
3.5.2 Each Force recognises the sensitivity of the personal information held by the Force and its duties in respect of
such data to protect individuals from the threat of: -
the use of incorrect information,
the misuse of correct information,
the unauthorised loss or disclosure of their information.
3.5.3 APP on data protection has been produced to assist police forces in their statutory responsibility to comply with
the Data Protection Act 1998 (DPA).
3.5.4 All three Forces will comply with APP for Data Protection
3.6 Data Quality
3.6.1 The principles of the Data Protection Act 1998 require the Forces to ensure that personal information is
accurate, relevant and up to date. In addition, data quality is integral to effective policing by ensuring that
accurate and update information is available, when it is needed. Failing to achieve an appropriate level of
quality for Forces information can present operational problems, for example failing to identify a vital link
between records, making a false arrest, executing a warrant at the wrong address or making an inappropriate or
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 5 of 12
misleading disclosure. It can also have legal implications in terms of failure to comply with Data Protection Act
1998, Human Rights Act1998 and Freedom of Information Act 2000 and may leave each Force vulnerable to
civil litigation over the use of incorrect information.
3.7 Audit and Monitoring
3.7.1 Each Force is required to ensure that data held in police computer systems is obtained, held, used and
disclosed in accordance with the Data Protection Act 1998 and the APP for Information Management. Business
owners have a responsibility for on-going monitoring of information obtained, held, used and disclosed in their
area of business as well as for the data quality.
3.7.2 Each Force Audit Plan determines the nature and scope of audits taking into account the risks, resources
available, the changing environment and national requirements.
3.8 Records Management
3.8.1 The Forces are committed to improving records management to ensure that information is managed throughout
its life cycle in a systematic, cost-effective and efficient manner. In particular, it provides a means of applying
controls to information to maintain its evidential weight and ensure its authenticity, availability and integrity.
3.8.2 Good practice in records management ensures that information in any format is readily available for policing
use which includes sharing with partner agencies where necessary.
3.8.3 Compliance with records management procedures and standards contributes towards the avoidance of
significant risk to the Force by enabling and providing evidence of transactions, thereby reducing vulnerability to
legal challenge.
3.8.4 Records Management, through the proper control of the storage and volume of records, reduces the cost in
finding and managing information, and promotes best value in terms of human and space resources.
3.9 Freedom of Information Act 2000
3.9.1 Each Force is committed to adopting an open and transparent approach in relation to policing. It is cognisant of
its statutory duties and will work towards proactive publication of information as far as is possible without
compromising policing purposes in compliance with the Freedom of Information Act 2000.
3.9.2 APP on Freedom of Information has been produced to assist police forces in their statutory responsibility to
comply with the Freedom of Information Act (2000).
3.9.3 All three Forces will comply with APP for Freedom of Information.
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 6 of 12
3.10 Information Sharing
3.10.1 Each Force is a signatory to their own Information Sharing Protocols / Agreements.
3.10.2 A number of public, private and voluntary organisations within their County have signed the Information Sharing
Protocols / Agreements and committed to the principles of information sharing where this is necessary to enable
them to carry out, or to support their partners to achieve, their statutory responsibilities.
3.10.3 Personal information received by the Force may be shared with other agencies where this is necessary for the
prevention or detection of crime or the apprehension or prosecution of offenders or where there is a lawful basis
for the personal information to be shared with another agency to enable that agency to carry out their statutory
responsibilities.
3.10.4 The Force will also share non personal information for the purposes as stated above.
3.10.5 All sharing of police information is carried out with due regard to the Sharing Police Information section of APP
for Information management.
3.11 Disclosure
3.11.1 Where requests for information are made this should identify a suitable legal gateway and/or a policing purpose
– in most cases this means that the request for the information will be made under a statute. Where no legal
gateway exists, the requestor should identify a statutory obligation which cannot be achieved without the
disclosure of the information. In these cases, the Force will disclose the information if this does not impact upon
any current policing process.
3.11.2 If an officer identifies a risk to individuals during an investigation and believes it is necessary to proactively
disclose information over and above the routine disclosures made as part of a police investigation, and this
disclosure will have a significant impact upon the person under investigation (such as to the employer) this risk
assessment process should be used and authorisation gained from an officer of ACPO rank – unless the delay
caused by such a process would cause harm or a further crime to be committed.
4. ASSOCIATED DOCUMENTATION
4.1 Legislation/ National Guidance
Information Commissioners Office
ACPO National Guidance on the minimum standards for the Retention and Disposal of Police Records
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 7 of 12
4.2 Procedures
BCH14_002 PIA Policy
BCH14_003 PIA Procedure
BCH14/004 Disclosure and Barring Service (DBS) Policy
BCH14/005 Common Law Police Disclosures Policy
BCH14_006 Records Management Policy
BCH14_007 Transearch Procedure
4.2.1 Bedfordshire Police
M004 Information Sharing Procedure
M005 Freedom of Information Procedure
M006 Data Protection Procedure
4.2.2 Hertfordshire Constabulary
Information Retention and Disposal Policy
Information Sharing Policy
4.2.3 Cambridgeshire Constabulary
Records Management including File management and long term storage.
PNC Administration including Court Resulting (Crown & Mags),Warrants, Pre-Cons, Impending
Cases ,NPPA SNs.
Freedom of Information.
Subject Access Request (SAR)
Audit Plan and Methodology
H/O annual data returns guidance.
5. WHO TO CONTACT ABOUT THIS POLICY
5.1 Questions regarding this policy and its operation should initially be referred to your Force Information
Management team:
Bedfordshire Police, Information Services, Bedfordshire Police Headquarters, Kempston. MK43 9AX.
Tel 01234 842547
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 8 of 12
Cambridgeshire Constabulary, Information Management Department, Cambridgeshire Constabulary
Headquarters, Hinchingbrooke Park, Huntingdon, PE29 6NP. Tel: 101
Hertfordshire Constabulary, Information Compliance Office, Police HQ, Stanborough Road, Hertfordshire
AL8 6XF. Tel: 01438 757449
6. EQUALITY IMPACT ASSESSMENT (EIA)
EQUALITY IMPACT ASSESSMENT
Name of Sponsor Name of Author Description of proposal being analysed
Chief Information Officer Chief Information Officer / Information services Manager
Date EIA started Date EIA finished
This Equality Impact Assessment is being undertaken as a result of: Delete as appropriate
A new or updated policy or procedure.
Note – For ease of use of this document , we will refer to all of the above as “proposal”
STEP 1 – Relevance
The general duty is set out in section 149 of the Equality Act 2010. In summary, those subject to the Equality Duty must have DUE REGARD to the need to:
eliminate unlawful discrimination, harassment and victimisation;
advance equality of opportunity between different groups; and
foster good relations between different groups.
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 9 of 12
Authors have a statutory requirement to have DUE REGARD to the relevant protected characteristics shown below,
whilst taking a common sense approach
age
disability
gender reassignment
marriage & civil partnership*
pregnancy and maternity
race
religion or belief
sex
sexual orientation *marriage and civil partnership – the analysis applies only to the elimination of unlawful discrimination, harassment and
victimisation. Section 23 of the Equality Act 2006 allows the Equality and Human Rights Commission (EHRC) to enter into a formal agreement with an organisation if it believes the organisation has committed an unlawful act. Under section 31 of the Equality Act 2006, the EHRC can carry out a formal assessment to establish to what extent, or the manner, in which a public authority has compiled with the duty. Additional guidance can be found by accessing the EHRC website: http://www.equalityhumanrights.com/advice-and-guidance/public-sector-equality-duty/guidance-on-the-equality-duty/
Does this proposal have a direct impact on people who:
a) are any part of the Police workforce (including volunteers)?
YES
b) reside in any part of England and Wales
YES
If NO to both questions Explain why and give rational
No Further Action and Return to
Sponsor for Authorisation
If Yes to either question
Continue through to Step 2
STEP 2 – Consultation / Engagement
You should engage with those people who have an interest in how you carry out your work generally, or in a particular proposal. This may include former, current and potential service users, staff, staff equality groups, trade unions, equality organisations and the wider community. In deciding who to engage, you should consider the nature of the proposal and the groups who are most likely to be affected by it.
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 10 of 12
The proposal owner (Sponsor/Author) must be satisfied that consultation / engagement will take place with the relevant business lead and stakeholders. This MUST include engagement with the following relevant groups:
Equality and Diversity Specialist Staff Associations Staff Support Groups Relevant community groups and members of the public In addition, consider who else should you consult with internally and externally?
Who might be affected?
Does what you are considering further the aims of the general duty, to
eliminate unlawful discrimination, harassment and victimisation;
advance equality of opportunity between different groups; and
foster good relations between different groups.
Identify the risks and benefits where applicable, according to the different characteristics.
Positive Impact or Benefits Negative Impact or Risks
Age (Consider elderly or young
people)
There are no obvious
considerations
There are no obvious
considerations. No responses
from the consulted
Disability Groups (Consider
physical, sensory, cognitive,
mental health issues or learning
difficulties)
Gender Reassignment
(Consider transgender,
Transsexual, Intersex)
All forces have access to
national guidance and where
needed, have local procedures
in place in regard to gender
reassignment. This sets out,
as well as legislation contained
within the Equality Act 2010
our legal requirements
There are no negative risks as
such, apart from a lack of
awareness in regard to where
guidance can be found. No
training is offered to staff but
they are made aware via
signposting where the
appropriate literature can be
found.
Marriage & Civil Partnership There are no obvious
considerations
Pregnancy and Maternity
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 11 of 12
Race and Ethnic origin –
includes gypsies and
travellers.(Consider language and
cultural factors)
Religious / Faith groups or
Philosophical belief (Consider
practices of worship, religious or
cultural observance including non
belief)
Sex (Male, Female)
Sexual orientation (Consider
known or perceived orientation,
lesbian, gay or bisexual)
There are no obvious
considerations in regard to
sexual orientation.
Positive Impact or Benefits Negative Impact or Risks
Have you considered how this
decision might affect work life
balance? (Consider caring issues
re: childcare & disability,
safeguarding issues,
environmental issues, socio
economic disadvantage, and low
income families.)
Yes and there are no obvious
considerations.
Yes and there are no obvious
considerations. .
STEP 3 – Assessment
Complete the EIA by analysing the effect of your proposal and detail the outcomes.
What were the main findings from any consultation carried out?
What feedback has been received?
Using the information you have gathered and consultation that you have undertaken answer the
following questions. This will help you to understand the effect on equality your proposal might have.
Has the feedback indicated any problems that
need to be addressed?
Following the consultation process no significant
risks have been identified.
Describe and evidence any part of the proposal
which could discriminate
N/A
Can the adverse impact identified be justified as
being appropriate and necessary?
If so, state what the business case is:
No adverse impact factors have been identified
Where impact and feedback identified, what, if
anything can be done?
N/A
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
11/09/2017 11:31:16 Page 12 of 12
What outcome will be achieved that
demonstrates a positive impact on people?
STEP 4 - Monitoring and Review
Equality analysis is an ongoing process that does not end once a document has been produced.
What monitoring mechanisms do you have in
place to assess the actual impact of your
proposal?
This procedure will be monitored for compliance
when the first review takes place, or if regulation
or national guidance changes. Managers will be
trained where possible in Equality legislation
Review Date:
First review must be no later than one year.
STEP 5 - Sign Off
Once the Equality Impact Assessment is complete it should be signed off by the Proposal Sponsor.
This sign off is confirmation that the analysis is accurate, proportionate and relevant and actions will
be delivered as required.
Approved by Senior Officer / Proposal lead Having considered the potential or actual effect of
this proposal on equality, our assessment
demonstrates that the proposal is robust and the
evidence of our screening shows no potential for
unlawful discrimination. We have taken all
appropriate opportunities to advance equality and
foster good relations between groups.
Date: 22nd April 2014
Name: Chief Information Officer