FOI release

GDPR policy and data impact assessments about use of personal emails

Case reference FOI2022/00486

Published 28 April 2022

Request

I would like a copy of your GDPR policy, and data impact assessment of use of personal emails and data governance audits to ensure compliance with legal requirements.

Response

Please see the attached policies.

Please note that these policy documents are applicable to Herefordshire Council staff only and where Herefordshire Council is the Data Controller. The council has not completed a Data Protection Impact Assessment around the use of personal emails for conducting council business because this is strictly forbidden. Individuals processing council data and accessing council networks are not able to do so without having a corporate system login and email address.

Documents

• 2021_Data_Protection_Policy.pdf (561.6 KB)
• Information Security Policy 2021 V1.2.pdf (609.9 KB)

This is Herefordshire Council's response to a freedom of information (FOI) or environmental information regulations (EIR) request.

You can browse our other responses or make a new FOI request.