This policy statement sets out how the Office of the Police and Crime Commissioner, referred to as the ‘office’ throughout, manages information. It applies to all the information held by the office, regardless of its format or (internal or external) origin. In the context of this policy statement ‘information’ includes data and records, and also both paper and digital formats.
This policy statement sets out the commitment of the office to manage information in a professional manner. It is supported by a framework of more detailed data, information and records policies.
Our policy is to:
- manage information effectively as a strategic corporate body by providing timely, appropriate, accurate and up-to-date information when it is needed
- make information available to those with a business need to see it
- take appropriate measures to protect information, including personal information, which cannot be shared for reasons of security or privacy
- assess and manage risks to the confidentiality, integrity and availability of information
- ensure that information created, collected and stored is proportionate to the business need, and is retained only for as long as it is needed
- ensure information is of the appropriate quality, and in the appropriate media, to support business needs
- create an information literate culture, where all staff recognise that information is everyone’s responsibility and have the skills, confidence & commitment to effectively manage information according to the requirements of their role
- comply with all relevant statutory and regulatory requirements
- assign to appropriately skilled individuals clear responsibilities for creating, maintaining and promoting detailed information policies, standards, procedures and guidelines, and for monitoring compliance with these
Transportation of Data
The office will also monitor the way that information is transported between locations, and ensure staff are supported with the correct knowledge and equipment to enable the safe transportation of data.
Our policy is to:
- challenge any requests to transport sensitive data away from the main office to seek clarity on the destination and proposed use of the information
- ensure all documents are clearly marked ‘confidential’ where appropriate, and conceal paper documents from sight at all stages of the journey
- provide secure external media devices (pen-drives, hard drives) to facilitate the need to transport sensitive data
- ensure all staff are aware of their responsibilities when transporting data from one location to another
- ensure staff immediately report any loss of information to their line manager, in the first instance, or Chief Executive if out of office hours