Anglesey council bids to curb access to sensitive data

A local authority is to consider curbing unrestricted access by councillors and officers to parts of its headquarters.

Anglesey council is worried about access to confidential data in its housing, social services, finance and legal services departments.

The council's authority's standards committee will examine a report on the matter on Wednesday.

Leader Clive McGregor said: "It's something every council has to do."

The move comes after a complaint last year by officers in the housing department concerning an apparent breach of data protection regulations.

Access to the council's IT and human resources departments is already restricted.

But the council now wants to reduce the risk of data breach and heavy penalties for failing to comply with the Data Protection Act (DPA) 1998.

A council report on the matter said that between 1 January and 4 November 2010 councillors made 91 separate visits to the council's housing service's back office areas.

The report states: "This level of access to offices poses a level of risk that is not compatible with the DPA."

It adds: "Access to the high risk areas should be restricted as a soon as possible to those with legitimate business purposes for access. Members do not require access to these areas.

"It is not likely that removing the automatic and comprehensive access rights of members would prove to be an obstacle to effective working."

Mr McGregor said: "It's been brought about by the need for us to comply fully with the Data Protection Act in terms of handling data.

"We have had various warnings that we were not as compliant as we ought to have been."

'Stiff fines'

Mr McGregor said he had signed a personal undertaking that the authority would comply.

"If we do not, we are liable to some pretty stiff fines," he said. "It's a stitch in time."

Mr McGregor, who is stepping down from his post in May, denied that the move in any way damaged the perception of councillors' trustworthiness.

"That would be an extreme view and not one the majority of members would canvass," he said.

Mr McGregor said the matter would be considered on Wednesday and then put before the full council, perhaps in May.

Former council leader Gareth Winston Roberts said he thought the move was "essential".

Mr Roberts, an independent member for Amlwch Rural, said he supported the recommendation and backed both the introduction of a "clear desk policy" and an upgrade for the council's security pass system.

A council spokesperson added: "The report to be presented to the Standards Committee on Wednesday forms part of an ongoing review to ensure data protection and security of personal data in accordance with the seventh data protection principle, which states that authorities must have adequate systems and procedures in place to protect personal data.

"The review will also consider the current rights of access for officers, as well as those of members, and ensure that access is determined by a legitimate business need."