OVERVIEW PRESENTATION FREEDOM OF INFORMATION (SCOTLAND) ACT 2002 - - PowerPoint PPT Presentation

1

OVERVIEW PRESENTATION

FREEDOM OF INFORMATION (SCOTLAND) ACT 2002

2

BACKGROUND TO FREEDOM OF INFORMATION (SCOTLAND) ACT 2002

• Passed by the Scottish Parliament -

24 April 2002

• Royal Assent – 28 May 2002
• Scottish Information Commissioner

appointed - February 2003

• Implementation timetable announced -

May 2003

• Implemented 1st January 2005

3

Freedom Of Information(Scotland) Act (FOISA) Workshops

• What does the Act do?
• What is a Publication scheme?
• Why is Records management important?
• How do you know whether a request for

information falls under the FOISA?

• Timescales and charges
• Exemptions
• Role of Scottish Information Commissioner
• What does it mean for you?

4

WHO IS SUBJECT TO THE ACT?

• All Scottish public authorities listed in Schedule 1:

– Local government, police, health, public education – NDPBs (e.g. Commissioners) – Scottish Ministers, Parliament and the Executive and – Companies wholly owned by Scottish public authorities – Organisations designated by order of the Scottish Ministers (e.g. contractors of an authority)

5

WHAT WILL THE ACT DO? – OVERVIEW

Section 1 (1) of the Act states:

• Although there are exemptions, terms and conditions, the

implementation of the Act should be governed by the simple principle that public’s general right of access should be understood as entitlement by default.

6

WHAT WILL THE ACT DO? – OVERVIEW

Provides for:

• presumption of right of access to any information

held by a public authority

• a number of absolute exemptions and others where

disclosures may be made in the public interest

• an enforcement mechanism and an independent

regulator

• publication schemes
• The Act is retrospective (ie covers all information

held no matter how old)

7

FREEDOM OF INFORMATION IN CONTEXT

• The Freedom of Information (Scotland) Act 2002

provides a right to access information held by Scottish public authorities. This should – lead to increased accountability – lead to the breakdown of a culture of secrecy and – ensure that public bodies look outward to the communities they serve

• This right of access applies to any individual,

anywhere in the world.

8

PUBLICATION SCHEME

• A public authority must maintain

a publication scheme

• Schemes list classes of

information which are published

• r intended to be published, how

they are to be published (e.g. internet), and any fees for copies

9

10

Classes of Information Within the NHS Highland Publication Scheme

• (a) The NHS: Who We Are.
• (b) Corporate Information/Governance.
• (c) Financial Information.
• (d) The Policy Framework for NHS Highland.
• (e) Improvement, Change and Innovation.
• (f) Reports of Independent Assessments.
• (g) Patient Focus/Public Involvement.
• (h) Policies and Procedures.
• (i) Complaints Procedures.
• (j) Staff Governance.
• (k) Press Releases.
• (l) Public Health.
• (m) Environmental Information.

11

RECORDS MANAGEMENT – INTRODUCTION

“Any freedom of information legislation is only as good as the quality of the records to which it provides a right of

• access. Such rights are of limited use if

reliable records are not created in the first place, if they cannot be found when needed or if the arrangements for their eventual archiving or destruction are inadequate…”

12

“Consequently all Scottish public authorities are expected to have regard to the guidance in this Code to ensure that they are managing their records

• effectively. For many authorities this will mean a

significant culture change for all of their staff – senior managers have a responsibility to lead and promote that change” Code of practice on the keeping, management and destruction of records issued by the Scottish Ministers (“Section 61 Code”)

13

REQUEST FOR INFORMATION

To be valid a request must:

• be in writing

– includes emails – legible

• contain the correspondence address and

name of the applicant

• describe the information required

NB IT DOES NOT HAVE TO SPECIFY THAT IT IS A REQUEST UNDER FOISA

14

FEES

Authorities may charge a fee NHS Highland has agreed to charge

• 10p per page for paper copies (although

any charges less than £50 will normally be waived)

• Information provided by email or disk -

free

15

RESPONSE TO REQUESTS

Authorities have to:

• communicate the actual information

unless an exemption applies

• satisfy the request within 20 working days

(a working day is Monday to Friday excluding Bank Holidays) [The 20 days deadline is from the point at which the request is received by any member of staff of NHS Highland]

16

EXEMPT INFORMATION

• “Absolute exemptions” - the exempt information is

not subject to a public interest test.

• “Non-absolute exempt information” the public

authority has to weigh up the public interest considerations “in all circumstances of the case” before applying the exemptions so that the right of access does not apply. The starting position is that the public interest is served by disclosure.

• The public authority may have to show why the

public interest is served by applying the exemption.

17

ABSOLUTE EXEMPTIONS

• Information accessible by other means

e.g. already published under a publication scheme

• court records
• personal data (requested by data subject -

Data Protection Act applies instead)

• information which cannot be disclosed by

law (court order, statute or enforceable

• bligation of confidence)

18

NON-ABSOLUTE EXEMPTIONS

• Personal data (third party) eg personal

data about staff about staff or patients

• Endanger physical or mental health of

any individual

• Environmental information

(Environmental Information Regulations apply instead)

• Communications with the Queen

19

NON-ABSOLUTE EXEMPTIONS

• Information which is/is intended to be

published within 12 weeks

• Information which would prejudice

substantially: – Audit functions – Formulation of Scottish Administration policy – The effective conduct of public affairs – Information intended for future publication

• Commercial interests, or trade secrets

20

NON-ABSOLUTE EXEMPTIONS

• Information held for criminal investigations or proceedings
• r informants
• Information which would prejudice substantially the:

– Prevention and detection of crime; apprehension or prosecution of offenders – Security and good order in prisons and other law enforcement purposes – The administration of justice – Operation of immigration control – Collection of tax, duty or imposition of a similar nature (e.g. council tax)

21

NON-ABSOLUTE EXEMPTIONS

• National security
• Prejudice substantially the defence of the realm or the

effectiveness of armed forces

• Prejudice substantially international relations
• Information is confidential and originated from another

State

• Prejudice substantially relations between

parliaments/assemblies in the UK

• Prejudice substantially the economic interests of the UK

22

DATA PROTECTION ACT 1998

• It applies to “personal data” that is

information about a living individual

• It applies to automated information or that

held on filing systems structured by reference to the data subject

• There are more stringent rules for some

types of data known as sensitive data

• Those who process personal data are

called data controllers

23

INTERFACE FOISA AND DPA – SUBJECT ACCESS

• Where an individual asks for access to personal

data about him or herself the request does not come under the FOISA. It is covered by an exemption from the FOISA. If the authority is sure

• f the identity of the applicant it should be treated as

an application for subject access under the DPA

24

INTERFACE FOISA AND DPA – THIRD PARTY ACCESS REQUESTS

• Where a third party asks for access to

information about another person it is an access request under the FOISA. However the information may be exempt from the right of access if disclosure would involve – Breach of the DPA – Health records of those who are deceased – Census information in the last 100 years

25

The Data Protection Principles

• fairly and lawfully processed;
• processed for limited purposes;
• adequate, relevant and not excessive to the purpose of the processing;
• accurate;
• not kept longer than necessary;
• processed in accordance with the data subject's rights;
• held securely;
• not transferred to countries without adequate protection.

Anyone processing personal data must comply with the eight enforceable data protection principles. These state, broadly, that personal data must be:

26

INTERFACE FOISA AND DPA – THIRD PARTY ACCESS REQUESTS

• Information will be exempt under FOISA if

– The disclosure would involve a breach of the data protection principles – The information would not be provided to the data subject himself because of the application of a subject access exemption or – Where the information would fall under the DPA, the individual has exercised his right to object to processing and the

• bjection has been accepted by the data

controller

27

SCOTTISH INFORMATION COMMISSIONER

• Deals with complainants
• Can issue:

– Information Notice – Decision Notice – Enforcement Notice

• Not an offence to ignore a Notice, but action for

contempt of Court possible

28

THE COMMISSIONER (CONTINUED)

• Commissioner approves/rejects

publication schemes;

• “Practice Recommendations” (when the

Commissioner thinks that the public authority is not meeting the requirements

• f a Code of Practice which applies to it).

29

OFFENCE (SECTION 65)

• Where a request has been made and the

information would be communicable under the FOISA

• Offence for any person to take any action

with the intention of preventing disclosure

• Applies to both the authority and the

individual employee

30

WHAT DOES FOI MEAN FOR YOU AS A MEMBER OF STAFF?

ANYTHING YOU WRITE MAY ONE DAY BE PUBLISHED

(This applies to all records, handwritten notes, emails etc)

31

What Does FOI Mean for You? (continued)

Implications for:

• Minute taking and report writing

– Be objective, – record decisions and the reasons for those decisions – Confidential appendices

• Consider having confidential appendices which

contain only the personal data which cannot be released e.g. the names of patients. The report

• r minute can then be released without

breaching patient confidentiality)

32

What Does FOI Mean for You? (continued)

• Proactive publication

– As much as possible should be published to ensure the public have access to information easily and quickly – If information is already published it is exempt - you should direct enquirers to the NHS Highland website (free access to the internet is available at all Highland libraries)

33

What Does FOI Mean for You? (continued)

• Record Keeping

– It is important to be able to access records quickly and easily in order to answer requests for information – As well as letters etc, consider keeping emails which form a record of what decisions were made/ actions taken. If you are asked in two years time why you did something you won’t be able to remember.

34

What Does FOI Mean for You? (continued)

• Reporting

– It is important not to allow compliance with Act to make responding to requests for information from the public become too bureaucratic. This could potentially lead to slower access to information than previously. – Therefore only those requests being received at Assynt House, or those requests where release of information is being refused, are being formally recorded – If you are going to have to refuse to release information (other than personal data relating to staff or patients) please notify Chris Meecham

35

What Does FOI Mean for You? (continued)

• Mail

– The clock starts ticking at the point at which the request is received (ie in your email inbox or at an NHS Highland building). It is good practice to date-stamp or mark when the request was received – You should have arrangements in place for your mail to be dealt with while you are away (e.g. on leave). Otherwise you will have even less time to meet the 20 day deadline. – If you receive a request which you can’t answer, pass it on quickly to someone who can

36

Further Information

• http://www.scotland.gov.uk/government/foi
• Scottish Executive
• www.itspublicknowledge.info -

Scottish Information Commissioner

• www.show.nhs.uk/nhshighland/ -

NHS Highland

• Contact Chris Meecham, Head of Media Communications

and Corporate Services, Tel : 01463 704820 or email at chris.meecham@hhb.scot.nhs.uk