Richard Thomas, the new Information Commissioner, has pledged that one of
his priorities is to make it easier for organisations to comply with the Data
Protection Act.
Thomas, speaking in his official capacity for first time since he took over
the role from Elizabeth France, hinted that he would try to simplify guidance
on employers’ responsibilities when handling staff data under the Data
Protection Act – one of the Information Commission’s main tasks.
He said he is considering publishing a shorter code on monitoring for small
businesses.
"I want to explore the scope for simplifying and de-mystifying the law
and its enforcement so as to minimise the burdens," he said.
"The best way to achieve this is to get organisations to see that this
is in their own best interests. But this must be backed up by firm and
well-targeted use of legal powers where necessary."
Thomas’ comments follow consistent criticism of the Information Commission
that its data protection codes designed to help organisations comply with the
legislation are too long and complex.
Thomas also warned about unnecessary secrecy within the public sector and
the dangers of ever-increasing surveillance.
He put openness for public bodies and respect for personal information at
the heart of his vision for the organisation as he identified priority areas
for him and his team.
"People will not trust government if there is excessive secrecy. And
they will get increasingly anxious about a surveillance society if they cannot
be confident that information about their private lives is being handled
properly," he said.
The Information Commission’s codes on monitoring, and medical records, which
were due to be released before Christmas have still to be published.
By Ben Willmott
HR Factfile
Information Commissioner’s priorities
– Challenging traditional cultures of unnecessary secrecy
across the public sector
– Ensuring a culture of respect for personal information
– Balancing open government and privacy against other public
interests
– Helping organisations to achieve compliance with the Data
Protection Act and the Freedom of Information Act
– Fostering an environment where freedom of information and
data protection are automatic