Comment

19.04.18

How do new regulations affect information sharing?

Source: PSE April/May 2018

The incoming General Data Protection Regulation (GDPR) will significantly change the way organisations share information in a wholly positive way, writes Damion Nickerson, engagement manager at the Centre of Excellence for Information Sharing (CEIS).

When the clock struck midnight on 31 December 2017, the world sat down and took stock of another 12 months passed. For those of us looking forward, rather than back, there were a few things which were guaranteed to happen in 2018: a royal wedding, the Winter Olympics in PyeongChang, Murray mania sweeping the nation sometime in June, and the introduction of the General Data Protection Regulation (GDPR) on 25 May.

Arguably, for those not in the know, the first three events could be perceived as being of greater significance than the introduction of a new piece of legislation about how personal data is processed. However, for any public or private sector company, the incoming changes of the GDPR are a major event, which (if they haven’t already) needs to be prepared for.

We currently use data and information in line with the current Data Protection Act 1998 (DPA), which has been around for the last 20 years and has a familiar feeling about it – which isn’t to say people find it easy to navigate. Most are all well-schooled about its rules and regulations, which are engrained within the way most private and public sector companies work. So, with the DPA being replaced by the new Data Protection and Digital Economy bills, which will in effect implement the GDPR, will this change affect the way information is shared?

Working at the CEIS, the aforementioned question is one we have been asked regularly from across the public sector. At the centre, we approach this from a different angle: our focus isn’t on the technical side of information sharing, but on a cultural one. And my answer to the question about whether GDPR will change the way information is shared is, of course it will – but in a positive way.

Evolution, not revolution

Organisations which already have good practice in place around their use of information won’t need to implement significant change to be GDPR-compliant, but may need to tighten up their processes in areas such as personal data, accountability principles and individual rights. And for those organisations which don’t fall into this category, it gives them the opportunity to improve the way they do things moving forward to make sure they are working in line with the new regulations.

Irrespective of which camp your organisation or department currently sits in, the necessity to work closer with the partners you share information with will be the same. The numerous changes from the DPA that the new legislation brings, be it around what counts as personal data or changes to the accountability principles, underpins the reliance on better working relationships.

A cultural shift

At the centre, we think that organisations need to make a cultural decision to change their thinking. The GDPR gives them the opportunity to consider more broadly, not just the technical, but also what kind of information-sharing culture they would like to create. It needs to fall in line with the legislation and ensure that the technical, the mechanical and the cultural work in a cohesive and informed way.

Working like this really puts the focus back on to people; the people that work within the organisations, the people they work with, and, most importantly, the people that they support with services. This cultural shift in thinking in a lot of organisations will be revolutionary. At CEIS, we see the radical change in thinking affecting service design, professional development, partnership working, the vision and leadership that’s needed to progress the conversations, and how you engage partners to communicate what you are doing.

Opening opportunities

The introduction and implementation of the GDPR opens opportunities for organisations, departments and just about all services to do something a little different. It creates time and space to raise awareness around sharing information and an impetus to allow organisations to consider what data they hold, what consent they have, what they do with the data, and whether they even need it. In short, it creates a chance to reconnect with the people they serve.

The need to be able to prove the level of consent to use data under GDPR gives the perfect reason to reconnect with the public. It opens the opportunity to discuss data and start a conversation about how information isn’t just fundamental to the way public services are designed, but to the way they can be improved.

This opportunity to engage more with the public on the use of data would benefit from support by senior leaders and decision-makers. It needs to be embedded into everyday practice and not just a one-off, knee-jerk reaction to the GDPR – creating a cultural shift to the use of data which will benefit the way information is shared.

The elephant in the room about the new legislation is the increase in possible fines compared to the DPA. The fear this threat carries can, in some cases, stifle the way information is shared. It’s imperative that organisations are supported to feel confident to work within the new legislation and see it as an opportunity for better use of information, not a reason to stop sharing it. Elizabeth Denham, UK information commissioner, wrote in a recent blog about GDPR: “While fines may be the sledgehammer in our toolbox, we have access to lots of other tools that are well-suited to the task at hand and just as effective.” There is a wealth of support available to get GDPR-ready, so there’s no need to worry.

Mood shift

As the preparation for GDPR moves into its final months, the mood seems to be shifting from one of trepidation to one of opportunity. The potential benefits of improving our use of data and information are starting to be understood. Thinking culturally about these changes will support and empower better conversations, better relationships, more stringent accountability and better outcomes for public services and the individuals who engage with those services.

 

FOR MORE INFORMATION
W: www.informationsharing.org.uk/GDPR

Comments

There are no comments. Why not be the first?

Add your comment

 

public sector executive tv

more videos >

latest public sector news

District and borough authorities begin challenge against Nottinghamshire super-council

20/07/2018District and borough authorities begin challenge against Nottinghamshire super-council

Gedling council members have emphatically outlined their stance against a potential mega-merger in Nottinghamshire that could see borough and dis... more >
Northamptonshire new CEO approved by Full Council to lead area through ‘unprecedented time of change’

20/07/2018Northamptonshire new CEO approved by Full Council to lead area through ‘unprecedented time of change’

Northamptonshire County Council’s new chief executive has been endorsed at the authority’s Full Council meeting yesterday, with the a... more >
‘Naming and shaming index’ for bankrupt councils fails to offer genuine solution

20/07/2018‘Naming and shaming index’ for bankrupt councils fails to offer genuine solution

An index designed to measure councils’ financial resilience in order to avoid another Northamptonshire-style fiasco would actually risk ove... more >
149x260 PSE Subscribe button

the raven's daily blog

One step closer to voter IDs at elections

19/07/2018One step closer to voter IDs at elections

Chloe Smith MP, Minister for the Constitution, evaluates the outcomes of the voter ID pilots conducted at the last local elections. We are one step closer to strengthening the integrity of our electoral system through requiring electors to confirm their identity before they vote, building on the government’s commitment to safeguard ... more >
read more blog posts from 'the raven' >

interviews

Data at the heart of digital transformation

03/04/2018Data at the heart of digital transformation

SPONSORED INTERVIEW Grant Caley, UK & Ireland chief technologist at NetApp, speaks to PSE’s Luana Salles about the benefits of movin... more >
GDPR: The public sector scarecrow

03/04/2018GDPR: The public sector scarecrow

SPONSORED INTERVIEW PSE’s Josh Mines chats to Martin de Martini, CIO of Y Soft, about what the General Data Protection Regulation (GDPR)... more >
Keeping London safe

05/03/2018Keeping London safe

Theo Blackwell, London’s first-ever chief digital officer (CDO), speaks to PSE’s Luana Salles about the role he plays in ensuring the... more >
BIM: Digitising the public sector

19/02/2018BIM: Digitising the public sector

PSE’s Josh Mines talks to Stephen Crompton, CTO at GroupBC, and Stuart Bell, the company’s sales and marketing director, about how Bu... more >

last word

The importance of openness after Grenfell

The importance of openness after Grenfell

Following the recent Grenfell Tower tragedy, Lord Porter, chairman of the LGA, argues that if the public are going to have faith in the safety testing process then everything must be out in the o... more > more last word articles >

editor's comment

25/10/2017Take a moment to celebrate

Devolution, restructuring and widespread service reform: from a journalist’s perspective, it’s never been a more exciting time to report on the public sector. That’s why I could not be more thrilled to be taking over the reins at PSE at this key juncture. There could not be a feature that more perfectly encapsulates this... read more >

public sector focus

LGO upholds 60% of investigations against councils

12/07/2018LGO upholds 60% of investigations against councils

Article by Callum Wood of Public Sector Magaz... more >
Foehn achieves UK Government G-Cloud 10 Certification

05/07/2018Foehn achieves UK Government G-Cloud 10 Certification

Foehn's Rafael Cortes tells PSE abo... more >