Report of The Comptroller and The City Solicitor.
The Sub-Committee received a report of the Comptroller and the City Solicitor regarding an update on GDPR and the following points were made:
· The Comptroller commented that the Corporation is in a good position in preparation for the new legislation regarding IT and policies and that the aim is to have compliance by 25th May 2018. It was further commented that in preparing for the GDPR the Comptroller have learnt that not all departments are fully compliant and that breaches tend to be low level, including sending emails to the wrong address and leaving confidential papers behind.
· The IT Director commented that the main changes in the department would be e-forms and considering the right to be forgotten. It was added that the department has been looking at where data has been stored in different systems and has been working with other regulators to ensure best practise.
· The Chairman commented that the 6 principals of data protection need to be known company wide and embedded into the company culture.
RESOLVED – That Members noted the update.