Jersey Data Protection Authority Meeting
MINUTES
|
12:45 – 17:50 29 April 2019 Jersey Office of the Information Commissioner Offices, Jersey
|
|
Chairman Present: Jacob Kohnstamm |
|
Voting Members Present: Gailina Liew Clarisse Girot David Smith |
|
Non- Voting Members Present: Paul Routier MBE - Advisor Dr Jay Fedorak – Information Commissioner |
|
In Attendance: Paul Vane - Deputy Data Protection Commissioner Claire Le Brun – Finance Manager Adrian Hayes – Compliance and Enforcement Manager [& Internal guest speaker] Anne King - Communications and Operations [& Note taker] |
|
Guest Speaker: None |
|
Apologies: None |
|
|
Item |
Action |
|
1.0 |
Chair call to order & welcome. Board agreed minutes; · 29 October 2018 · 7 January 2019 Board agreed to post minutes on JOIC website. |
Board agreed minutes. |
|
1.1 |
Board discussed setting up a joint board meeting with Guernsey Data Protection Authority Board. |
|
|
2.0 |
Board Governance, Operations and Procedures |
|
|
2.1 |
JDPA Corporate Governance Protocol Board discussed the protocol. Amendments to casting vote item, role of board in the law, process of decision-making and fines. Board delegated Article 10 Functions; · discussion regarding fining process · Information Commissioner confirmed that all formal Decision Notices would be posted in unidentifiable form.
Board decided to keep list of possible legislative amendments, where it identifies a need. |
Amendments to be implemented as directed.
List of possible amendments to be kept as directed. [See end of minutes] |
|
2.2 |
Appointment of Auditors Jersey Office of the Information Commissioner (JOIC) is taking advice on accounts format in order to send out draft invitation to tender for auditors.
Finance Manager confirmed that JOIC will be implementing a new finance system on 1 August 2019 and will be running a dual system until beginning 2020. |
JOIC to confirm that Government of Jersey organising 2018 auditors. |
|
2.3 |
JDPA Oversight of Freedom of Information (FOI) Functions Following a discussion covering appeals, tribunals and FOI expertise, the Board decided not to see further formal oversight of the FOI functions of JOIC. |
Chair to explain issue to the Minister but not recommend change. |
|
2.4 |
Conflicts of Interest Policy Board discussed declaration of interests register. |
Board members to ensure complete entries in the register. |
|
3.0 |
Upcoming Board Events |
|
|
3.1 |
States Assembly Lunch – the board discussed the agenda and seating arrangements for the States Members. |
|
|
3.0 |
JOIC Update – Commissioner |
|
|
3.1 |
Performance Statistics The Compliance and Enforcement Manager presented the first quarter case statistics to the board. Current number of cases 143 between three caseworkers. JOIC looking to improve on completing cases duration and closing down cases. The board received a brief overview of Case Data. JOIC confirmed that breach data is being tracked, including how many require data subject notification. Board discussed ‘risk’ and caution – are Data Controllers being over cautious in reporting breaches and what are the risks to data subjects.
|
|
|
3.2 |
Financial Performance The Finance Manager highlighted the financial outcomes for Q1 2019. Board discussed frequency of reports.
|
Board decided to receive quarterly financial reports. |
|
3.3 |
Staffing Update The team has now been strengthened with offers made to both a Communications Officer and a Finance/Accounting Officer. Allowing JOIC to increase public awareness and governance. The addition of a junior caseworker will give compliance additional resource for complaint and breach investigations. Further discussions took place regarding the role of digital/policy and legal. |
New positions and offers approved by the Board.
Board agreed JOIC to look for a legal & policy adviser and employ IT on an ad hoc basis. |
|
3.4 |
New Office Update New office refurbishment delivered under budget. All very happy with the results. |
|
|
3.5 |
Strategic Plan Board discussed the updated document and made additional suggestions regarding content, linking objectives and metrics, SMART measurements. |
JOIC to amend Strategic plan for discussion at August meeting. Strategic Plan to be on quarterly Board Agenda. |
|
4.0 |
Proposed Revenue Model Update – Deputy Commissioner Deputy Commissioner presented new revenue model proposal to the Board. New model to be discussed with stakeholders. Proposed new model to go out to public consultation in June/July.
|
JOIC to update Board on consultation responses.
|
|
5.0 |
Any other business 5.1 The Board accepted the 2018 Annual Report. 5.2 Agreed to try to plan 2020 board dates to coincide with Guernsey Data Protection Authority. Including discussions regarding the memorandum of understanding with Guernsey. 5.3 New board member was discussed. |
Invite Commissioner Martins and Guernsey Board Chair to Jersey – propose 2 dates. |
|
6.0 |
The Compliance and Enforcement Manager shared an update with the Board on an ongoing enquiry, giving background as to how JOIC investigate a complex case. |
JOIC to establish a separate reporting category for case data to identify where JOIC rather than complainant initiates an investigation. |
|
7.0 |
The meeting closed at 17:50 |
|
