Courses take place in:

Edinburgh

It can sometimes be challenging to reconcile Freedom of Information and Data Protection laws. Understanding the interface between the Freedom of Information (Scotland) Act 2002 (which applies only in Scotland), the Environmental Information Regulations 2004 (which applies throughout the UK), and the Data Protection Act 1998 (which applies throughout the UK) is essential for all those involved with information management in the public sector.

This session, which is designed for people who already work with FOI or data protection issues, explains the key principles underlying the differences between these important laws, including when personal data should and should not be released in response to subject access requests and FOI/EIR requests.

The session includes:

• the latest thinking on determining what is personal data: guidance from the Information Commissioner and the Article 29 Working Party
• knowing whether a request should be dealt with under the DPA or FOI law (or EIRs)
• the interpretation and practical application of the personal data exemption
• the legal principles governing access to third party information
• applying the Data Protection Principles where relevant
• applying any relevant exemptions
• disclosing staff information to third parties
• analysing the practical implications of key decisions of the Commissioner and Tribunal
• disclosing third party data of professionals in the fields of health, education and social work

This session enables delegates to understand how to manage requests for information, and to achieve best practice within their organisation.

The day will be a mixture of presentation and practical exercises. There will be plenty of opportunity for questions.