Department for Constitutional AffairsPublications

| Publications | Press notices | Consultation papers | Reports and reviews | Research | Speeches | Annual reports | Legislation | Green papers | White papers | Better regulation | General guidance for individuals | Guidance for professionals | Statistics | Archive

|© Crown Copyright & Disclaimer

Home > Publications > Forms & Guidance > Guidance for professionals > Public sector data sharing - protocol checklist

Public Sector Data Sharing - Protocol Checklist

November 2003

  • It is good practice to have a protocol when sharing personal information with other organisations. However, check whether there are any easy wins to be had. There may be some existing data sharing arrangements which can be translated over into the new initiative.

  • Organisations that have an interest in the project should get together to form a Steering Group. The Group should be responsible for developing and monitoring the protocol.

  • The size, scope and the resources of the organisations involved will determine the membership of the Steering Group. Appoint senior and experienced representatives from each organisation to the Group and consider whether the Chief Knowledge Officer (CKO) needs to get involved in the arrangements at an early stage.

  • The Steering Group should seek to access resources, (funding) and knowledge. Involve or establish contact with lawyers, data protection officers, Caldicott Guardians and IT specialists (where relevant).

  • Consult the public, interest groups and relevant associations to help determine whether there is a real need for the project, what the specifics and the focus of the project should be, and whether there are any objections, or difficulties that need to be worked out.

  • Consider whether the views of stakeholders and subcontractors need to be represented in some way. For instance, it may be appropriate to bring them together in a sub-group, to discuss particular topics in detail.

  • It is also worthwhile asking staff about any perceived and actual barriers to data sharing.

  • Gather information by looking at best practice. The experiences of other organisations in drafting and implementing data sharing protocols will prove invaluable.

  • The protocol should be clear and concise. It must follow a logical sequence and should be easy to follow. It should also include realistic goals and measurable outcomes. The protocol will need to be referred to, and approved by, the CKO or a senior member of staff.

  • In some cases, implementation may need to start with a pilot phase. This will help address any operational problems, which could not have been foreseen at an earlier stage. Also take account of any pressures that there might be on your timetable.

  • Before the pilot phase it is important to check that:

    1. The role and responsibilities of partner organisations have been agreed.

    2. Staff have been appointed and adequate training has been provided to ensure that they have sufficient knowledge and skills to implement the proposed data sharing agreement. (Awareness sessions for staff and information leaflets for the public would be useful).

    3. Operational standards and procedures have been agreed to ensure accuracy of information and good records management.

    4. At the end of the pilot phase, the protocol will have to be evaluated and resubmitted to the Steering Group if necessary.

  • The protocol should be approved and signed by a senior person from each organisation involved.

  • Ensure that the agreement to share data with other organisations is covered by the notification made to the Information Commissioner. If it is not, then the original notification will need amending.

  • Publish the document, for example on your website.

  • Regularly monitor and review the protocol.

 

 

© Crown Copyright