This policy applies to all South Yorkshire Police (SYP) officers, staff and members of the Special Constabulary, Police Cadets and Volunteers, whether working on South Yorkshire Police premises or remotely.The policy also applies to members of other organisations who are authorised to process South Yorkshire Police information, including contractors and members of partner organisations.
Policy Aims and Objectives:
This policy covers the business areas of –1. Information Assurance2. Data Protection3. Freedom of Information and Environmental Information Regulations4. Records Management
These four areas provide the necessary framework to ensure that all information is managed in line with legislative, national and local requirements.
This section of the policy outlines the management of South Yorkshire Police information assets. This statement of policy, along with the associated procedural instruction is intended to protect South Yorkshire Police’s information assets from all threats, whether internal or external, deliberate or accidental, thereby minimising the risk of disruption or damage.
This section of the policy aims to preserve:-
- the confidentiality of information by ensuring it is only accessible by those who have been authorised to have such access; and to ensure that it is only disclosed to the relevant individuals, all of which will be carried out for a legitimate policing purpose. Use of corporate information held on South Yorkshire Police systems for a personal reason is prohibited;
- the integrity of the information by safeguarding the accuracy and completeness of both the information and the processing methods utilised;
- the availability of the information by ensuring that authorised users have access to information and other assets when required.
It also intends to:-
- ensure compliance with HMG Security Policy Framework and the ACPO(S) Community Security Policy.
- inform all users of South Yorkshire Police information assets of their responsibilities to, and accountability for information security;
- deal with breaches of this policy and its associated procedural instruction swiftly and robustly.
The specific objective of this section of the policy is to enable South Yorkshire Police to conduct its operations, whilst reducing to an acceptable level, the risk of damage by preventing and minimising the impact of breaches of security.
The procedural instruction which supports this section of the policy is D51075 - Information Assurance.
This section of the policy outlines and clearly defines the levels of responsibility and arrangements necessary to manage the relevant legal provisions of the Data Protection Act 1998 (DPA). It is also intended to provide instruction and guidance to enable the Force to fulfil its legal obligations in respect of the processing of personal data.
The ACPO Manual of Guidance provides forces with the necessary framework for implementation of the DPA and the supporting procedural instruction is based around this.
The procedural instruction which supports this section of the policy is D50743 – Data Protection.
3.Freedom of Information and Environmental Information Regulations
This section of the policy outlines SYP’s obligations under the Freedom of Information Act 2000 (FOIA) and Environmental Information Regulations 2004 (EIR) with the aim of ensuring that SYP is compliant with both.
The FOIA gives the right to anybody, anywhere across the world, to request copies of any recorded information from any public authority for any reason. Requests need be accommodated wherever possible.The FOIA places two distinct responsibilities on public authorities:
1. The duty to confirm or deny whether the requested information exists; and
2. The duty to communicate the requested information
The two main ways that the release of information is achieved are:
A. Creating and Maintaining a Publication Scheme
Section 19 of the FOIA places a responsibility on public authorities to adopt, implement, operate and maintain a Publication Scheme. The purpose of this is to make available a significant proportion of disclosable information routinely and accessibly without waiting for it to be requested. SYP is committed to adopting an open and transparent approach in the completion of all functions.
The SYP Publication Scheme is located on the SYP Web-Site.
There are several classes of information which have been agreed by the Association of Chief Police Officers (ACPO) and the Information Commissioners Office for publication on the scheme. The information contained within these classes needs to be regularly reviewed and updated.
B. Providing a General Right of Access to all Types of ‘Recorded’ Information held by Public Authorities
Under the terms of the FOIA, public authorities are required to make available requested information (subject to a range of exemptions) to any individual or organisation anywhere in the world.
The purpose of this section of the policy is to outline the force’s legal requirements for the release of information under the FOIA and give brief guidance to staff receiving and dealing with requests for information.
The EIR confer similar rights to information but with variances in application.
More detailed advice can be found in the ACPO FOI Manual of Guidance.
The procedural instruction which supports this section of the policy is D51451 – Freedom Of Information Act and Environmental Information Regulations.
For the purposes of this section of the policy:
- It applies to all SYP staff who create, receive, record, use, hold, disseminate manage or dispose of hard copy and/or electronic records.
- The term records refers to:
- Paper and electronic Microsoft Office documents
- Audio tapes
- Video tapes
- Digital media
- Emails, whether stored digitally from their original source or printed
- Photographs, including prints, negatives, transparencies and glass plates
- Maps and plans
- Drawings and other artwork
- Artefacts and exhibits
- Physical evidence
- Any other information source held by or on behalf of SYP
- It ensures a comprehensive and systematic approach to electronic and physical document preparation, storage and archiving. This will help SYP to meet its statutory obligations, protect its property and intelligence, and ensure a well-managed and easily accessible records management service is in operation for the benefit of its employees and customers. This section of the policy is founded upon the principles of the Lord Chancellor's Code of Practice on Records Management.
- It ensures that SYP recognises the need for quality in its records creation and storage, and is committed to developing best practice in this area.
Importance of Records Management
Information contained in Force records is one of the most important corporate resources the Force has at its disposal. Information is recorded within the Force's business records and must be captured within corporate filing systems. This will allow efficient retrieval as required. The implementation of good records management practices will benefit the Force in the following ways:
1 To Control the Creation and Growth of Records
Despite decades of using various non-paper storage media, the amount of paper in SYP continues to escalate. An effective records management system addresses both creation control (limits the generation of records or copies not required to operate the business) and records retention (a system for destroying records no longer required for a business or policing purpose), thus stabilising the growth of records in all formats.
2 To Reduce Costs and Improve Efficiency
Time spent searching for missing or misfiled records is not productive. A good records management system can help SYP upgrade its record management systems so that information retrieval is enhanced, with corresponding improvements in office efficiency and productivity.
A well designed and operated filing system with an effective index can facilitate retrieval and deliver information to staff as quickly as possible.
3 To Minimise Risks of Litigation
The Force needs to implement records management systems in order to reduce the risks associated with litigation and potential penalties.
A consistently applied records management system can reduce the liabilities associated with document disposal by ensuring systematic, routine disposal in the normal course of business.
4 To Comply with Legislative Requirements
In order to comply with legislative requirements, SYP commit to maintaining quality records management systems and processes.
To assist the evaluation, actioning, sharing and review of information, it must be in a format that is manageable, whether as an electronic, photographic or paper record.
Copies of records in existence on an electronic force information system will not be held in paper format following the closure of the case to which they refer.
Duplicates of original records will not be held in physical files.
Records containing the personal data of offenders, victims, witnesses or any other customer of South Yorkshire Police will not be stored in personal 'U' drives.
Prior to the creation of an electronic record, searches must be made to ensure that the information has not already been created elsewhere.
This section aims to ensure that the quality of all data held by SYP conforms to the data quality principles of being:
Definitions of these principles can be found within the Authorised Professional Practice (APP) section entitled Information Management in the sub-section, Principles of Recording Police Information.
Data Quality is everyone's responsibility and all officers and staff will apply these principles.
By applying these principles, the collection and recording of all future data will be of a high standard and errors will, over time, be amended or deleted.
As a result of information we receive, we make many, often-complex decisions about our priorities and the use of our resources. As such, good quality data is an essential ingredient for reliable performance to support decision making especially when tasking is considered. It is important that SYP gets data quality right first time, every time. Remember that to get quality information out of our systems, quality information needs to be fed in.
Intelligence is information, which has gone through a process of consideration and evaluation. There is a clear distinction between the terms, which should be realised by all staff.
This section is intended to provide instruction and guidance to enable the Force to fulfil its legal obligations in respect of records retention of both corporate records and records held for a policing purpose.
District Commanders/Departmental Heads should ensure that weeding of current retained records takes place at least annually.
Often, there will be more than one legislative direction on the retention of a record. Where this is the case, the longest mandated retention period should be chosen.
Management of Police Information (MoPI)
Policing is a continuous risk management exercise. It is therefore essential that the processes for the management of police information focus on managing the risk attached to that information. This is achieved by ensuring that there are clear and consistent procedures for collecting, recording and evaluating information and that effective systems are in place to take appropriate action on the basis of police information. This is in accordance with key recommendations of the Bichard inquiry, which has now been replaced by Authorised Professional Practice (APP) in the section entitled Information Management.
Under MoPI, police information is information that is required for a policing purpose. These are defined as:
- Protecting life and property
- Preserving order
- Preventing the commission of offences
- Bringing offenders to justice
- Any duty or responsibility arising from common or statute law
These five policing purposes provide the legal basis for collecting, recording, evaluating, sharing and retaining police information. These policing purposes do not, therefore, define every policing activity, and purposes are not mutually exclusive. Information can be collected for one policing purpose and used for another that may not have been known about at the point of collection. It is essential that a policing purpose be established in order for information to be legally held.
The Authorised Professional Practice (APP) section entitled Information Management is a framework: it does not prescribe how all information should be dealt with on a case-by-case basis. Chief Officers are accountable in law for those decisions and nothing within the MoPI Code of Practice or APP changes that accountability.
However, the principles of MoPI provide a way of balancing proportionality and necessity that are at the heart of effective police information management. They also highlight the issues that need to be considered in order to comply with the law and manage risk associated with police information.
The procedural instruction which supports this section of the policy is D50744 – Records Management In Practice.
Associated Procedural Instructions:
This policy is supported by the following procedural instructions:
D51075 – Information Assurance D50743 – Data Protection
D51451 – Freedom Of Information Act and Environmental Information Regulations
D50744 – Records Management In Practice
D50415 - Civil Prosecutions and the Disclosure of Police Service Information
Equality Act 2010:
The Act creates a statutory requirement for all Functions and Policies (Including Procedural Instructions) to be analysed for their effect on equality, diversity and human rights, with due regard to the General Duty.
In principle, this document has been assessed for discrimination, which cannot be justified, among other diverse groups.
The purpose of providing policy is to give an indication to staff of the expected course of action. However it is not possible to cater for every possible combination of factors that would justify a departure from stated policy. The Human Rights Act 1998 requires the proper use of discretion at all times and nothing within this policy and associated procedural instructions prohibits the proper use of discretion in appropriate circumstances.
Where action is taken that has the potential to interfere with an individual's Human Rights, the reasons behind the making of the decision to act in that way should be recorded on the appropriate forms, or where this is not practicable, in pocket books or policy logs.
This policy together with its Equality Analysis will be reviewed every 2 years.
Rights of redress for members of the public:
Anyone who feels that a member of staff has behaved incorrectly or unfairly, or who is dissatisfied with organisational matters, service delivery or other operational policing issues, has the right to make a complaint.
Initial action should be taken in one of the following ways:
- Complain in writing or in person to the Senior Officer at the appropriate police station or to the Chief Constable of the force concerned.
- Visit a local Citizens' Advice Bureau
- Contact a Solicitor
Rights of redress for South Yorkshire Police personnel:
South Yorkshire Police personnel who feel they have grounds for concern in relation to the implementation of policies may, as appropriate:
- Pursue concerns through their line manager.
- Contact a First Contact Advisor.
- Pursue a grievance formally through the South Yorkshire Police Fairness at Work Procedure.
- Seek advice from their staff association or trades union.
- Use procedural instruction D50241 Management of Complaints, in the section entitled Handling Complaints relating to Direction and Control.
20 September 2010