The Cabinet had before it a * report of the Group Manager for Performance, Governance and Data Security updating the existing policy to incorporate the requirements of the Data Protection Act (DPA) 2018 and GDPR.
The Leader outlined the contents of the report stating that the Data Protection Act 2018 received royal assent on 23 May 2018, this presented the first major change to data protection for personal data for 20 years and incorporated the requirement of the GDPR, the Law Directive and other amendments such as changes to the powers of the ICO and enforcement. He highlighted the training programme which had been established for both Officers and Members.
In answer to the questions posed in public question time, the Group Manager for Performance, Governance and Data Security stated that Mr Quinn was correct, there had been an omission within the policy and that ‘Genetic, or Biometric data, for the purposes of uniquely identifying an individual’ should be included.
RESOLVED that subject to the inclusion of ‘Genetic, or Biometric data, for the purposes of uniquely identifying an individual’ into the special category data within the principles of data protection section of the policy, the revised Data Protection Policy be approved.
(Proposed by the Chairman)
Note: *Report previously circulated, copy attached to minutes.