Data and securityGDPRMost councils unable to meet the right-to-be-forgotten GDPR requirements

Most councils unable to meet the right-to-be-forgotten GDPR requirements

Freedom of Information request indicates that local authorities are struggling to meet the financial, personnel and process requirements of the new regulation

Research conducted by M-Files Corporation, the intelligent information management company, reveals that the vast majority of local authorities in the UK are not yet able to comply with the “right-to-be-forgotten” stipulations of the General Data Protection Regulation (GDPR).

As part of a Freedom of Information (FOI) request, M-Files sent requests to all 32 London boroughs and 44 other local authorities distributed evenly throughout the UK asking a series of questions regarding GDPR readiness. The results reveal that almost seven in 10 (69%) local authorities are not able to effectively erase personally identifiable information (PII) from their systems – a critical requirement of the new regulation.

Julian Cook, Vice President of UK Business at M-Files, suggests that the public sector needs to become more proactive when it comes to tackling personal privacy issues, which sit within the wider arc of compliance within GDPR.

“The right-to-be-forgotten is arguably one of the most challenging aspects of GDPR, which places the onus on organisations to introduce smarter measures around data protection and controls, including how the Personally Identifiable Information (PII) of EU citizens is collected, stored and shared. This is particularly true for the public sector, where this data is commonly trapped within information siloes and duplicated across different systems and repositories. The net result is that public sector organisations often don’t have a full picture of the data on their systems, so completely erasing personal data becomes infinitely more challenging.

“Radical changes to how public sector organisations manage their information will be required if they are to be compliant when the regulation comes into force.”

 

Key focus

To assist boroughs in preparing for GDPR, Cook believes that a key focus should be on implementing technology solutions that streamline the management of personal data, and are compliant in key facets of the regulation, including the right-to-be-forgotten.

“The essence of GDPR is to ensure that explicit policies and procedures for handling personal information are in place, but with less than a year before the go live date of 25th May 2018, the findings present a fairly concerning picture as to how prepared councils are. Because of this the door is open for technology to play a significant role in automating and simplifying many of these processes.

“In the case of the public sector, the need to control and protect information is an ever-present challenge, and one that is often hindered by risks surrounding data duplication and lost information – issues that are time-consuming, difficult and costly to address.

“Intelligent information management systems, which make finding and cleansing data from systems and repositories significantly more straightforward, can make a big difference here. Importantly, these solutions can fit seamlessly with existing systems and processes. For the increasingly cash-strapped public sector, this integration is hugely beneficial, enabling organisations to continue leveraging their existing legacy systems while adding the powerful information management functionality needed to protect and remove personal information and adhere to GDPR requirements.”

Related Articles

Parts of OS MasterMap to be unlocked

Data Insight Parts of OS MasterMap to be unlocked

2m Austin Clark
Seven digital government trends for 2018: A mid-year update

Data Insight Seven digital government trends for 2018: A mid-year update

2m Guest Writer
Using open data to redesign public services

Data Insight Using open data to redesign public services

2m Austin Clark
People analytics: a threat or an opportunity?

Change Management People analytics: a threat or an opportunity?

3m Guest Writer
Agenda for new algorithmic ethics agency set out by select committee

Data Insight Agenda for new algorithmic ethics agency set out by select committee

3m Austin Clark
ICO launches new data protection campaign to mark 'GDPR Day'

Data Insight ICO launches new data protection campaign to mark 'GDPR Day'

3m Austin Clark
New funding to improve care through technology welcomed

Adult Social Care New funding to improve care through technology welcomed

3m Austin Clark
All London boroughs sign up to database of rogue landlords

Data Insight All London boroughs sign up to database of rogue landlords

3m Austin Clark