2.1 Policy for the Secure Handling of Protected Information

NOTE

This sets out the specific provisions for the handling of protected information in Greater Manchester.

See also: Child Protection Conferences: Guidance for Partner Agencies on the Use, Recording, Dissemination and Handling of Police Information (Greater Manchester Police)

RETENTION OF RECORDS

For general principles regarding data protection and information-sharing (including when it is appropriate to share information), see Data Protection, Information Sharing and Confidentiality Policy.

Electronic and Digital Recording of Meetings and Conversations Procedure

AMENDMENT

In July 2019, this chapter was given a general refresh throughout.


Contents

  1. Purpose
  2. Scope
  3. Definition of Protected Information
  4. Data Handling Principles
  5. Incident Reporting
  6. Partner Organisations - GMSCB Expectations
  7. Security Classification
  8. Handling Protected Documents

    Appendix 1: GMSCB Secure Data Handling Policy


1. Purpose

1.1

The Greater Manchester Safeguarding Children Boards (GMSCB) are committed to ensuring the availability, confidentiality and integrity of Protected Information, irrespective of whether this is held electronically, on paper or in other formats.

The purpose of this policy is to set out:

  • The principles guiding GMSCB's approach in ensuring secure data handling of Protected Information;
  • The incident reporting procedures GMSCB has adopted;
  • The expectations on partners with whom GMSCB necessarily works closely in discharging its statutory functions.
1.2

This policy relates to:

  • Information generated directly by GMSCB, the purpose of which is to inform the members of the Boards and partner organisations, e.g. policies and procedures, business plans;
  • Information shared with GMSCB by others to facilitate the discharge of GMSCB functions;
  • Information shared by GMSCB with others to facilitate the discharge of GMSCB functions.


2. Scope

2.1 This policy applies to employees of GMSCB; the GMSCB and Executive; and all Subgroups and other multi-agency fora of the Board. The policy also applies to any third parties appointed under the terms of a contract to provide professional and/or other services (i.e. data processors) for GMSCB involving Protected Information under the control of GMSCB.
2.2 The expectations on Partner Organisations who support the functions of the GMSCB are set out in Section 6, Partner Organisations - GMSCB Expectations.


3. Definition of Protected Information

3.1

Protected Information is defined as:

  1. Protected Information about people.

    All people-related information enabling a child or a living person to be identified (for example family members and non-publicly available information about employees, such as full name in combination with home address or other identifiers);
  2. Protected Information which is not about people.

    This includes information whether in draft or final form which in the wrong hands has the potential to cause harm, including but not limited to the following examples:
    • By damaging the reputation of GMSCB and/or any of its partners;
    • By disclosing information of a confidential nature whether or not it is protected by common law (e.g. legally privileged information);
    • Revealing the internal operations/investigating practices of partner bodies not otherwise in the public domain.


4. Data Handling Principles

4.1 GMSCB undertakes to ensure that it implements organisational and technical security measures appropriate to the nature and sensitivity of the Protected Information and the degree of harm which may be caused if the Protected Information were to become compromised.
4.2

Specifically, GMSCB will ensure that:

  • Protected Information is communicated with members of the GMSCB Executive, the Board, Sub-Groups, Independent Consultants and external bodies by secure electronic means;
  • All communications and documents containing Protected Information are protectively marked to draw attention to the level of security the recipient must observe (see Section 7, Security Classification for an explanation of the levels used by GMSCB and the appropriate electronic methods for distribution);
  • Any Protected Information distributed in paper form at meetings convened by GMSCB is returned to GMSCB officers on conclusion of the meeting and is not in any circumstances physically removed from secure GMSCB premises.


5. Incident Reporting

5.1 GMSCB is committed to ensuring it reacts appropriately to any actual or suspected security incident.
5.2 A security incident occurs whenever there is reason to believe that security has been compromised resulting in unauthorised access, misuse, modification, corruption, loss or theft of Protected Information assets.
5.3

Anyone acting under the auspices of GMSCB who knows, or suspects, a security breach involving Protected Information assets under the control of GMSCB has occurred must:

  • Take any obvious safe steps to reduce the harm/risk by preventing any further loss of the data, system intrusion or unauthorised access;
  • Assess whether any lost or stolen data is potentially recoverable and what reasonable steps may be necessary to achieve this;
  • Report the incident quickly and no later than 24 hours after discovery to the relevant LSCB Business Manager or the Independent Chair of the LSCB (or, out of hours in an emergency, the police).
5.4

An urgent assessment will be undertaken by the Independent Chair and/or the Business Manager to determine:

  • The severity of the breach;
  • The process for investigating what has happened;
  • How and why it has happened;
  • Who was involved;
  • The actions required to contain the incident;
  • Who needs to be informed of the breach and by whom;
  • Any lessons to be learned to reduce the risk of a similar event in the future.
5.5 If the incident is severe and/or requires a multi-agency response, an incident response team will be urgently convened to risk assess the actions required to recover from and contain the incident. The nature and severity of the incident will determine the team members and timeframe for the meeting.
5.6 Where compromised information originates from a partner organisation, GMSCB undertakes to notify the partner organisation on a timely basis.
5.7 GMSCB has resolved to report any incident involving the loss or theft of Protected Information with the potential to cause an individual harm to GMP for investigation; this will be facilitated through the Force Duty Officer.


6. Partner Organisations - GMSCB Expectations

6.1 The GMSCB recognises that Partner Organisations are separate data controllers and will have their own policies relating to secure data handling and incident reporting.
6.2

However, as a minimum GMSCB expects that Partner Organisations will adhere to the following:

  • Accept responsibility for safeguarding Protected Information once it has been securely communicated by GMSCB and ensure that it remains at all times on a secure network or in a secure environment;
  • Ensure employees handling Protected Information received from GMSCB have received appropriate data handling and information security training;
  • Ensure that Protected Information is securely communicated to GMSCB and is protectively marked;
  • Ensure that Protected Information is securely destroyed once it is no longer required, observing the principle that the primary record holder is the body responsible for meeting the relevant retention periods;
  • Notify GMSCB on a timely basis if Protected Information received from GMSCB is compromised; and likewise inform any other partners from whom the Protected Information may have originated;
  • Cooperate with GMSCB and any other affected partners, in determining the actions necessary to recover from and contain a security incident, including notification of the Information Commissioner or any other regulatory bodies.


7. Security Classification

UNCLASSIFIED

Unclassified information is data which does not meet any of the criteria which would require the information to be categorised as protected or restricted.

PROTECT

The loss or compromise of information or material is likely to result in any of the following:

  • Cause substantial distress to individuals;
  • Breach proper undertakings to maintain the confidence of information provided by third parties;
  • Breach statutory restrictions on the disclosure of information;
  • Cause financial loss or loss of earnings;
  • Unfair advantage for individuals or companies;
  • Prejudice the investigation or facilitate the commission of crime; and/or
  • Disadvantage government in commercial or policy negotiations with others.

All information should be shared on a strict 'need to know' principle.

Material classified as PROTECT includes sensitive information (e.g. commercial or personal) that needs to be protected but does not have the higher level security dimension, and where the use of RESTRICTED would be excessive.

The PROTECT classification must be used for the transmission of personal sensitive data, particularly when several records are aggregated.

RESTRICTED

The highest level of security necessary for local government issues is RESTRICTED information.

If unauthorised access would be likely to meet one or more of the following criteria:

  • Cause substantial distress to individuals;
  • Breach proper undertakings to maintain the confidence of information provided by third parties;
  • Undermine the proper management of the public sector and its operations;
  • Disadvantage government in commercial or policy negotiations with others;
  • Impede the effective development or operation of government policies;
  • Cause financial loss or loss of earnings potential to, or facilitate improper gain or advantage for, individuals or companies;
  • Prejudice the investigation or facilitate the commission of crime;
  • Adversely affect diplomatic relations (this is least likely to affect most Council staff in their day-to-day activities); and/or
  • Make it more difficult to maintain the operational effectiveness of security of UK or allied forces (this again is least likely to affect most Council staff in their day-to-day activities).


8. Handling Protected Documents

PROTECT RESTRICTED

Clear desk policy

Protectively marked information must not be left unattended during working hours.

Protectively marked documents must not be taken out of the office unless appropriate security measures are in place and without the permission of the data owner, either through explicit permission or approved procedures.

Hard Copy Storage

Can be stored in any lockable furniture.

Protectively marked documents should not be stored out of the office unless appropriate security measures are taken.

Electronic storage

Stored in directories which are only accessible to personnel authorised to read documents.

Portable devices

Information on computer disk, CD, memory-stick or other electronic media must be marked with the security classification of the most highly classified data stored on the device and it must be encrypted.

Protectively marked information must be stored on the corporate network; not saved on personal electronic devices.

Mobile devices should be equipped with software to enable the device to be tracked and remotely wiped of data in the event of loss/theft.

Email

When sending sensitive personal data (especially in aggregate) or material marked "PROTECTED" by email over the public internet, this data must be encrypted to the AES 256 bit standard.

Material classified as RESTRICTED must not be made available via a website, or sent over non-secure email.

RESTRICTED may only be sent using the GCSx secure email system and to an email address which is capable of receiving the email, without it passing over the public internet.

Telephone

Information designated UNCLASSIFIED and PROTECT may be discussed / sent over non-secure telephone / fax lines.

Information protectively marked RESTRICTED must not be:

  • Discussed over a non-secure telephone line or non-secure mobile phone;
  • Sent over a non-secure fax line; and/or sent to a pager.

Post/courier

To send documents classified as PROTECT and RESTRICTED by post, envelopes must be addressed to an individual by name or job title and marked 'Addressee only'.

Do not include the classification on the envelope.

Consideration should also be given to using couriers and registered post.

Disposal

All documents/records must be linked to an approved retention and disposal schedule, see Retention of Records.

Once the document/record has reached the end of its lifecycle it should be reviewed and, if no longer needed, destroyed using approved secure processes, see below.

If data needs to be retained for a further period, its established review cycle should be periodically reviewed.

Documents/records should be confidentially destroyed in a way that ensures the information cannot be put back together and read/used. An entry should be made of its existence, the date it was destroyed and by whom in a "destruction manual". A confidential destruction certificate should be obtained and retained in a secure location.

Record: Serious Case Review Documents
Retention Period: 100 years
Commences: Date agreement given to commence review

Record: Management Review Documents
Retention Period: 100 years
Commences: Date agreement given to commence review

Record: Multi Agency File Audit Documents
Retention Period: 100 years
Commences: Date agreement given to commence review

Record: GMSCB Board and Subgroup records and procedures; Child Protection Register; list of children subject of a Child Protection Plan; Adult or Child electronic or written records.
Retention Period: Electronic records to be subject to review every 10 years. Permanent - review 70 years and offer to archive service.
Commences: Date of meetings / start date of procedure.


Appendix 1: GMSCB Secure Data Handling Policy

Click here to view Appendix 1: GMSCB Secure Data Handling Policy.
