Information security

Information security is concerned with ensuring that we keep information confidential, accurate and available to those who need it. The council stores information in many formats such as emails, letters and CCTV footage.

Herefordshire Council realises its responsibility when dealing with confidential data, both personal and commercial, and follows current legislation such as the

• Data Protection Act 1998
• Human Rights Act 1998
• Freedom of Information Act 2000
• Environmental Information Regulations

A copy of the council’s corporate information security policy is available below.

What confidential information do we hold about you?

The confidential data the Council holds about you will depend on what Council services you use.  Some examples are

• Financial data for Council Tax Payments
• Care records for children and vulnerable adults

What we do to keep your data secure?

The council’s Information Technology and Modern Records Department are certified to ISO 27001 the international information security standard. The standard sets out controls to ensure information is held and used securely.

Our certification is just one of the ways the council shows its continuing commitment to ensuring that sufficient safeguards are in place, not only to comply with current legislation, but also with the aim of ensuring that those who entrust us with their information do so knowing that the council is committed to information security, both to maintain the confidentiality of personal and commercial information where appropriate, but also to ensure that any information held is as accurate and up-to-date as possible.

For further information about ISO 27001 please contact the Information Security team via infosec@herefordshire.gov.uk or tel: 01432 260500.