Councils should review their information governance arrangements ahead of impending changes to data protection and online privacy laws, warns Socitm.

The society for digital leaders has published a new briefing outlining changes to data protection regulation, which are likely to be in place from 2018.

Entitled Data Protection, the report advises local authorities to prepare to update the information governance arrangements they currently have in place so they are ready for the enforcement of the new regulations.

A new EU-US Privacy Shield will be brought in to replace the Safe Harbor agreement of 2000. Operationally, the report says, the privacy shield will be at least as safe as before for UK public services to use US cloud service providers.

The second change will be the introduction of European Data Protection Regulation. This will update the law to accommodate new technologies and usage, such as online business transactions, social media and cloud computing.

The key principles set out in the draft are to increase digital security for individuals; make the data protection legislation suitable for the digital age; and reduce bureaucracy.

Dr Andy Hopkirk, head of research at Socitm, said: ‘Accommodating the changes will be a matter of amending existing processes rather than inventing new ones.’

He also warned some of the changes may be ‘onerous and problematic’.

For more on data protection, see our most recent comment piece.