Information Charter


This Information Charter sets out the standards the Council aims to achieve with regard to the information we collect, hold and manage.

The Charter applies to all the information that the Council holds, in any format including personal information held about individuals. It supports compliance with the requirements and principles of the law relating to information, including the Data Protection Act 1998, Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.

The Charter explains how you can get access to information held by the Council and what you can do if you think standards are not being met. It will also assist individuals or organisations to understand how Council information is treated and when we will consider it for disclosure, sharing, storage and destruction.


The Council's Information Champions own this charter on behalf of the Council and Executive Management Team which - with the support of all Councillors, and all council staff - are responsible for its implementation.

The members of Executive Management Team as Senior Information Risk Officers (SIROs) will ensure that information governance policies and procedures are reviewed and implemented across all Council business functions to ensure opportunities for ongoing improvement are maximised.

Information Asset Ownership is recognised as vital to sound information governance and officers identified as Information Asset Owners will actively manage and monitor the full lifecycle of the information in their charge, from its creation through usage, amendment and storage through to archiving and/or destruction.

Each Information Asset Owner is responsible for ensuring that their policies, processes and staff are compliant with information governance law and good practice requirements and that all staff and contractors are trained in and are aware of their responsibilities.

Each Council officer who handles information has a responsibility to ensure that the requirements of confidentiality, integrity and availability are maintained at each stage in the information lifecycle.

The Council recognises that there is always a possibility of human error. This Code explains what we will do to put things right if a mistake is made.

Types of information

The Council holds both personal and non-personal information in a variety of databases and information stores which are critical to its service delivery and regulatory functions, together with systems relating to support functions such as human resources, facilities and finance.

How our information is managed

The Council has committed to manage, maintain and protect information according to legislation, documented policies, procedures and best practice.

Security measures maintain and safeguard the confidentiality, integrity and availability of our systems and data, and support officers in ensuring that information is stored, processed and communicated in a secure manner making it reliably available to properly authorised users. 

The Council is also committed to the proactive dissemination of publicly-funded information where appropriate: in the interests of openness and accountability, we will routinely publish Council information unless restricted by legislation or the Public Interest.

Personal information

The Council acknowledges the importance of protecting customers' privacy and strives to comply with all relevant legislation and best practice to achieve this.

We will safeguard your information and in most circumstances will not disclose personal data without consent, unless required to do so by law. If we ask customers for personal information we will:

  • let them know why we need it, where it is not obvious
  • only ask for what we need, and not collect excessive or irrelevant information
  • make sure nobody has access to it who should not
  • let customers know if we share it with other organisations, and
  • only keep it for as long as we need to in accordance with published retention criteria.

If we fall below these standards we will implement the information risk recovery policy, and, in particular we will:

  • tell you what has happened and why
  • tell the Information Commissioner, and cooperate with him in any investigation he decides is needed.

In return, to keep information reliable and up to date, we ask customers to:

  • give us accurate information, and
  • tell us as soon as possible of any changes, such as a change of address.

Access to personal information

You can find out if we hold any personal information about you by making a 'subject access request' under the Data Protection Act. If we do hold information about you we will:

  • give you a description of it
  • tell you why we are holding it
  • tell you who it could be disclosed to, and
  • let you have a copy of the information in an intelligible form.

We handle all information in a manner that respects the rights of individuals and which complies with the requirements of the Data Protection Act. To make a request to the Council for any personal information it may hold you need to put the request in writing to the Data Protection Officer at the address below.

If we do hold information about you, you can ask us to correct any mistakes by contacting us using the same contact details.

Access to general information

The Freedom of Information Act 2000 enables the public to have access to unpublished information, including information about the environment from a public body subject to certain conditions.

The Council is committed to the proactive dissemination of information in the interests of openness and public accountability and will publish information unless restricted by legislation or the Public Interest.
Details of how to make a request for information as well as any queries about making a request can be found at LINK or from the address below

Legislation - disclosure of information

The Freedom of Information Act 2000 and the Data Protection Act 1998 have a number of exemptions which must be considered before publication or disclosure. However, we will not automatically withhold information simply because it falls into a relevant exemption. We will assess the impact of disclosure in relation to the requested information and make a decision on a case-by-case basis (except where we have decided that information of that type should be published proactively).

Section 59 of the Data Protection Act 1998 makes it an offence for the Council or member of his staff to knowingly or recklessly disclose information that has been obtained or provided for the purposes of the Act without lawful authority.?

Factors we will take into account when considering whether information should be disclosed will include the following.

  • The extent to which the information, or some of it, is already in the public domain.
  • Who is asking for the information and why they want it.
  • The extent to which a requester is prepared to give an assurance of confidentiality and the extent to which this can be relied on.
  • Whether the needs of the requester can be met by supplying part of the information or supplying it in a different form.
  • Whether the information is personal in nature and the extent to which its disclosure would be an intrusion on privacy.
  • The reasonable expectations of the person or organisation who supplied the information to the Council as to confidentiality, onwards disclosure etc.
  • Whether disclosing the information would be likely to prejudice the Council's functions, for example, by undermining an investigation, development of public policy or a potential prosecution

You can also obtain more information on:

  • agreements we have with other organisations for sharing information
  • circumstances where we can pass on your personal data without telling you, for example, to prevent and detect crime and to produce anonymised statistics
  • our instructions to staff on how to collect, use and delete your personal data, and
  • how we check that the information we hold is accurate and up to date. 


This Charter will be reviewed annually and updated to take into account changes in legislation or Council policies.

On Behalf of Sunderland City Council we:

  • value the personal information entrusted to us and make sure we respect that trust;
  • go further than just the letter of the law when it comes to handling personal information, and adopt good practice standards;
  • consider and address the privacy risks first when we are planning to use or hold personal information in new ways, such as when introducing new systems;
  • be open with individuals about how we use their information and who we give it to;
  • make it easy for individuals to access and correct their personal information;
  • keep personal information to the minimum necessary and delete it when we no longer need it;
  • have effective safeguards in place to make sure personal information is kept securely and does fall into the wrong hands;
  • provide training to staff who handle personal information and treat it as a disciplinary matter if they misuse or don't look after personal information properly;
  • put appropriate financial and human resources into looking after personal information to make sure we can live up to our promises; and
  • regularly check that we are living up to our promises and report on how we are doing.


Signed ...Paul Watson Signed ...Dave Smith


Leader of Sunderland City Council Chief Executive



Date __________ 2010

Print Share