OVERVIEW PRESENTATION FREEDOM OF INFORMATION (SCOTLAND) ACT 2002 1
BACKGROUND TO FREEDOM OF INFORMATION (SCOTLAND) ACT 2002 • Passed by the Scottish Parliament - 24 April 2002 • Royal Assent – 28 May 2002 • Scottish Information Commissioner appointed - February 2003 • Implementation timetable announced - May 2003 • Implemented 1st January 2005 2
Freedom Of Information(Scotland) Act (FOISA) Workshops • What does the Act do? • What is a Publication scheme? • Why is Records management important? • How do you know whether a request for information falls under the FOISA? • Timescales and charges • Exemptions • Role of Scottish Information Commissioner • What does it mean for you? 3
WHO IS SUBJECT TO THE ACT? • All Scottish public authorities listed in Schedule 1: – Local government, police, health, public education – NDPBs (e.g. Commissioners) – Scottish Ministers, Parliament and the Executive and – Companies wholly owned by Scottish public authorities – Organisations designated by order of the Scottish Ministers (e.g. contractors of an authority) 4
WHAT WILL THE ACT DO? – OVERVIEW Section 1 (1) of the Act states: ���������������������� ��������������������������� ���������������������������� �������������������������������� �������������� Although there are exemptions, terms and conditions, the implementation of the Act should be governed by the simple principle that public’s general right of access should be understood as entitlement by default. 5
WHAT WILL THE ACT DO? – OVERVIEW Provides for: • presumption of right of access to any information held by a public authority • a number of absolute exemptions and others where disclosures may be made in the public interest • an enforcement mechanism and an independent regulator • publication schemes • The Act is retrospective (ie covers all information held no matter how old) 6
FREEDOM OF INFORMATION IN CONTEXT • The Freedom of Information (Scotland) Act 2002 provides a right to access information held by Scottish public authorities. This should – lead to increased accountability – lead to the breakdown of a culture of secrecy and – ensure that public bodies look outward to the communities they serve • This right of access applies to any individual, anywhere in the world. 7
PUBLICATION SCHEME • A public authority must maintain a publication scheme • Schemes list classes of information which are published or intended to be published, how they are to be published (e.g. internet), and any fees for copies 8
9
Classes of Information Within the NHS Highland Publication Scheme • (a) The NHS: Who We Are. • (b) Corporate Information/Governance. • (c) Financial Information. • (d) The Policy Framework for NHS Highland. • (e) Improvement, Change and Innovation. • (f) Reports of Independent Assessments. • (g) Patient Focus/Public Involvement. • (h) Policies and Procedures. • (i) Complaints Procedures. • (j) Staff Governance. • (k) Press Releases. • (l) Public Health. • (m) Environmental Information. 10
RECORDS MANAGEMENT – INTRODUCTION “Any freedom of information legislation is only as good as the quality of the records to which it provides a right of access. Such rights are of limited use if reliable records are not created in the first place, if they cannot be found when needed or if the arrangements for their eventual archiving or destruction are inadequate…” 11
“Consequently all Scottish public authorities are expected to have regard to the guidance in this Code to ensure that they are managing their records effectively. For many authorities this will mean a significant culture change for all of their staff – senior managers have a responsibility to lead and promote that change” Code of practice on the keeping, management and destruction of records issued by the Scottish Ministers (“Section 61 Code”) 12
REQUEST FOR INFORMATION To be valid a request must: • be in writing – includes emails – legible • contain the correspondence address and name of the applicant • describe the information required NB IT DOES NOT HAVE TO SPECIFY THAT IT IS A REQUEST UNDER FOISA 13
FEES Authorities may charge a fee NHS Highland has agreed to charge • 10p per page for paper copies (although any charges less than £50 will normally be waived) • Information provided by email or disk - free 14
RESPONSE TO REQUESTS Authorities have to: • communicate the actual information unless an exemption applies • satisfy the request within 20 working days (a working day is Monday to Friday excluding Bank Holidays) [The 20 days deadline is from the point at which the request is received by any member of staff of NHS Highland] 15
EXEMPT INFORMATION • “Absolute exemptions” - the exempt information is not subject to a public interest test. • “Non-absolute exempt information” the public authority has to weigh up the public interest considerations “in all circumstances of the case” before applying the exemptions so that the right of access does not apply. The starting position is that the public interest is served by disclosure. • The public authority may have to show why the public interest is served by applying the exemption. 16
ABSOLUTE EXEMPTIONS • Information accessible by other means e.g. already published under a publication scheme • court records • personal data (requested by data subject - Data Protection Act applies instead) • information which cannot be disclosed by law (court order, statute or enforceable obligation of confidence) 17
NON-ABSOLUTE EXEMPTIONS • Personal data (third party) eg personal data about staff about staff or patients • Endanger physical or mental health of any individual • Environmental information (Environmental Information Regulations apply instead) • Communications with the Queen 18
NON-ABSOLUTE EXEMPTIONS • Information which is/is intended to be published within 12 weeks • Information which would prejudice substantially: – Audit functions – Formulation of Scottish Administration policy – The effective conduct of public affairs – Information intended for future publication • Commercial interests, or trade secrets 19
NON-ABSOLUTE EXEMPTIONS • Information held for criminal investigations or proceedings or informants • Information which would prejudice substantially the: – Prevention and detection of crime; apprehension or prosecution of offenders – Security and good order in prisons and other law enforcement purposes – The administration of justice – Operation of immigration control – Collection of tax, duty or imposition of a similar nature (e.g. council tax) 20
NON-ABSOLUTE EXEMPTIONS • National security • Prejudice substantially the defence of the realm or the effectiveness of armed forces • Prejudice substantially international relations • Information is confidential and originated from another State • Prejudice substantially relations between parliaments/assemblies in the UK • Prejudice substantially the economic interests of the UK 21
DATA PROTECTION ACT 1998 • It applies to “personal data” that is information about a living individual • It applies to automated information or that held on filing systems structured by reference to the data subject • There are more stringent rules for some types of data known as sensitive data • Those who process personal data are called data controllers 22
INTERFACE FOISA AND DPA – SUBJECT ACCESS • Where an individual asks for access to personal data about him or herself the request does not come under the FOISA. It is covered by an exemption from the FOISA. If the authority is sure of the identity of the applicant it should be treated as an application for subject access under the DPA 23
INTERFACE FOISA AND DPA – THIRD PARTY ACCESS REQUESTS • Where a third party asks for access to information about another person it is an access request under the FOISA. However the information may be exempt from the right of access if disclosure would involve – Breach of the DPA – Health records of those who are deceased – Census information in the last 100 years 24
The Data Protection Principles Anyone processing personal data must comply with the eight enforceable data protection principles. These state, broadly, that personal data must be: • fairly and lawfully processed; • processed for limited purposes; • adequate, relevant and not excessive to the purpose of the processing; • accurate; • not kept longer than necessary; • processed in accordance with the data subject's rights; • held securely; • not transferred to countries without adequate protection. 25
Recommend
More recommend
