Comment

19.04.18

How do new regulations affect information sharing?

Source: PSE April/May 2018

The incoming General Data Protection Regulation (GDPR) will significantly change the way organisations share information in a wholly positive way, writes Damion Nickerson, engagement manager at the Centre of Excellence for Information Sharing (CEIS).

When the clock struck midnight on 31 December 2017, the world sat down and took stock of another 12 months passed. For those of us looking forward, rather than back, there were a few things which were guaranteed to happen in 2018: a royal wedding, the Winter Olympics in PyeongChang, Murray mania sweeping the nation sometime in June, and the introduction of the General Data Protection Regulation (GDPR) on 25 May.

Arguably, for those not in the know, the first three events could be perceived as being of greater significance than the introduction of a new piece of legislation about how personal data is processed. However, for any public or private sector company, the incoming changes of the GDPR are a major event, which (if they haven’t already) needs to be prepared for.

We currently use data and information in line with the current Data Protection Act 1998 (DPA), which has been around for the last 20 years and has a familiar feeling about it – which isn’t to say people find it easy to navigate. Most are all well-schooled about its rules and regulations, which are engrained within the way most private and public sector companies work. So, with the DPA being replaced by the new Data Protection and Digital Economy bills, which will in effect implement the GDPR, will this change affect the way information is shared?

Working at the CEIS, the aforementioned question is one we have been asked regularly from across the public sector. At the centre, we approach this from a different angle: our focus isn’t on the technical side of information sharing, but on a cultural one. And my answer to the question about whether GDPR will change the way information is shared is, of course it will – but in a positive way.

Evolution, not revolution

Organisations which already have good practice in place around their use of information won’t need to implement significant change to be GDPR-compliant, but may need to tighten up their processes in areas such as personal data, accountability principles and individual rights. And for those organisations which don’t fall into this category, it gives them the opportunity to improve the way they do things moving forward to make sure they are working in line with the new regulations.

Irrespective of which camp your organisation or department currently sits in, the necessity to work closer with the partners you share information with will be the same. The numerous changes from the DPA that the new legislation brings, be it around what counts as personal data or changes to the accountability principles, underpins the reliance on better working relationships.

A cultural shift

At the centre, we think that organisations need to make a cultural decision to change their thinking. The GDPR gives them the opportunity to consider more broadly, not just the technical, but also what kind of information-sharing culture they would like to create. It needs to fall in line with the legislation and ensure that the technical, the mechanical and the cultural work in a cohesive and informed way.

Working like this really puts the focus back on to people; the people that work within the organisations, the people they work with, and, most importantly, the people that they support with services. This cultural shift in thinking in a lot of organisations will be revolutionary. At CEIS, we see the radical change in thinking affecting service design, professional development, partnership working, the vision and leadership that’s needed to progress the conversations, and how you engage partners to communicate what you are doing.

Opening opportunities

The introduction and implementation of the GDPR opens opportunities for organisations, departments and just about all services to do something a little different. It creates time and space to raise awareness around sharing information and an impetus to allow organisations to consider what data they hold, what consent they have, what they do with the data, and whether they even need it. In short, it creates a chance to reconnect with the people they serve.

The need to be able to prove the level of consent to use data under GDPR gives the perfect reason to reconnect with the public. It opens the opportunity to discuss data and start a conversation about how information isn’t just fundamental to the way public services are designed, but to the way they can be improved.

This opportunity to engage more with the public on the use of data would benefit from support by senior leaders and decision-makers. It needs to be embedded into everyday practice and not just a one-off, knee-jerk reaction to the GDPR – creating a cultural shift to the use of data which will benefit the way information is shared.

The elephant in the room about the new legislation is the increase in possible fines compared to the DPA. The fear this threat carries can, in some cases, stifle the way information is shared. It’s imperative that organisations are supported to feel confident to work within the new legislation and see it as an opportunity for better use of information, not a reason to stop sharing it. Elizabeth Denham, UK information commissioner, wrote in a recent blog about GDPR: “While fines may be the sledgehammer in our toolbox, we have access to lots of other tools that are well-suited to the task at hand and just as effective.” There is a wealth of support available to get GDPR-ready, so there’s no need to worry.

Mood shift

As the preparation for GDPR moves into its final months, the mood seems to be shifting from one of trepidation to one of opportunity. The potential benefits of improving our use of data and information are starting to be understood. Thinking culturally about these changes will support and empower better conversations, better relationships, more stringent accountability and better outcomes for public services and the individuals who engage with those services.

 

FOR MORE INFORMATION
W: www.informationsharing.org.uk/GDPR

Comments

There are no comments. Why not be the first?

Add your comment

 

public sector executive tv

more videos >

latest public sector news

Council to spend £4m investigating senior officers who gave themselves 20% wage rise during pay freeze

14/12/2018Council to spend £4m investigating senior officers who gave themselves 20% wage rise during pay freeze

A council has agreed to allocate nearly an extra £250,000 to an investigation looking into alleged pay rises given to senior officers. ... more >
Government commissioner allows Wakefield Council to retain full control of services

14/12/2018Government commissioner allows Wakefield Council to retain full control of services

Almost four months after Ofsted inspectors identified “serious and widespread failures” across Wakefield’s children’s ser... more >
Fife Council scraps controversial P1 assessments despite harsh government opposition

14/12/2018Fife Council scraps controversial P1 assessments despite harsh government opposition

Fife Council has announced that it will be scrapping the controversial standardised P1 assessments at the end of the current academic year. ... more >
149x260 PSE Subscribe button

the raven's daily blog

Blog: 5 minutes with Gary Wallis-Clarke, member of the Northern Powerhouse Education and Skills Group

12/12/2018Blog: 5 minutes with Gary Wallis-Clarke, member of the Northern Powerhouse Education and Skills Group

Ahead of the upcoming networking extravaganza EvoNorth, we caught up with Gary Wallis-Clarke, a member of the Northern Powerhouse Education and Skills group, executive headteacher at West Jesmond Primary school, and its national leader of education. In our interview, Gary reveals what the Northern Powerhouse means to him and explains... more >
read more blog posts from 'the raven' >

interviews

New Dorset Councils CEO on the creation of a new unitary: ‘This is going to be the right decision for Dorset’

05/11/2018New Dorset Councils CEO on the creation of a new unitary: ‘This is going to be the right decision for Dorset’

The new chief executive of one of the new unitary authorities in Dorset has outlined his approach to culture and work with employees, arguing tha... more >
Keeping the momentum of the Northern Powerhouse

15/10/2018Keeping the momentum of the Northern Powerhouse

On 6 September, the biggest decision-makers of the north joined forces to celebrate and debate how to drive innovation and improvement through th... more >
Cllr Cutts on dealing with children’s services pressures: ‘I can’t magic money out of the air’

26/09/2018Cllr Cutts on dealing with children’s services pressures: ‘I can’t magic money out of the air’

The leader of Nottinghamshire County Council has outlined her priorities for dealing with soaring demand of children’s services and social ... more >
Nottinghamshire considers unitary shake-up proposals in a bid to balance books

05/09/2018Nottinghamshire considers unitary shake-up proposals in a bid to balance books

Nottinghamshire County Council is considering proposals to scrap its current two-tier structure for a new unitary system in order to save on... more >

last word

The importance of openness after Grenfell

The importance of openness after Grenfell

Following the recent Grenfell Tower tragedy, Lord Porter, chairman of the LGA, argues that if the public are going to have faith in the safety testing process then everything must be out in the o... more > more last word articles >

editor's comment

25/10/2017Take a moment to celebrate

Devolution, restructuring and widespread service reform: from a journalist’s perspective, it’s never been a more exciting time to report on the public sector. That’s why I could not be more thrilled to be taking over the reins at PSE at this key juncture. There could not be a feature that more perfectly encapsulates this... read more >

public sector focus