Data Management Flashcards
Commissioners for Revenue and Customs Act (CRCA) 2005
(What it covers)
Information Disclosure
States all info held by the VOA is covered by the duty of confidentiality.
Specifies the circumstances when that information may be disclosed.
Criminal offence to disclose personal or confidential information to someone without the right to receive it.
Ensures Taxpayers info and any info held in conjunction with our statutory duties is secure
What does Commissioners for Revenue and Customs Act (CRCA) 2005 set out
Information Disclosure
Functions of VOA
1 - Rating lists
2- council tax valuation lists
3 - valuation of property or matters in connection with the valuation of property.
The UK General Data Protection Regulation (GDPR) 2018
Information Disclosure
controls how personal information (including property personal information) about living individuals is used by organisations, businesses or the government.
Gives living individuals the right to obtain access to their personal data (find out what information organisations holds about them.)
For the VOA applies to info on employees, customers and taxpayers.
The Freedom of Information Act (FOIA) 2000
Information Disclosure
Provides the public with access to information held by public authorities eg copies of board meeting minutes
- Public authorities are obliged to publish certain information about their activities.
- Members of the public are entitled to request information from public authorities.
Relevant to England, Wales and Northern Ireland, and by UK-wide public authorities based in Scotland.
The Environmental Information Regulations (EIR) 2004
Information Disclosure
Provide public access to environmental information held by public authorities in England, Wales and Northern Ireland.
- Public authorities must make environmental information available proactively.
- Members of the public are entitled to request environmental information from public authorities.
Commissioners for Revenue and Customs Act (CRCA) 2005
How does it affect VOA and what section applies
Information Disclosure
Section 19 of CRCA covers wrongful disclosure and makes it a criminal offence for VOA employees to disclose information where it identifies a person or enables a person’s identity to be deduced.
Commissioners for Revenue and Customs Act (CRCA) 2005
Excemptions (when you can disclose info)
Section 18 of the Act sets out the specific circumstances when information can be disclosed if:
1- is essential for one of our functions
2- is allowed by a specific piece of legislation (e.g. a statutory gateway under Local Government Finance Act)
3- is with the consent of the taxpayer, customer or client
4- is in the course of civil proceedings in the course of our work (e.g. Valuation Tribunal hearings).
Eg disclose rental information when dealing with a rating challenge proposal (IPP in Wales).
UK General Data Protection Regulation (UK GDPR) 2018
How to request Data
Requested via writing (by email or online) or verbally. Known as a Subject Access Request (SAR) and does not have to mention UK GDPR. A verbal request for property information cannot always be answered verbally.
May need verification of the person’s link to the property
Deadline of one month to respond to a request.
UK General Data Protection Regulation (UK GDPR) 2018
Who are ‘living individuals’
Any person or individual
Does NOT include legal entities such as companies, or relatives of the deceased do not have the same rights. An executor has no right of access to the deceased’s data.
Freedom of Information (FOI) Act 2000
How to request data
Requests must be made in ‘permanent form’ (such as letter, email or fax), include the requester’s name, address and clearly describe the information wanted.
Freedom of Information (FOI) Act 2000
What is meant by applicant and purpose blind
Status or position of the requester and their reasons for asking for their information, are irrelevant to the VOA’s handling of the request.
Requests must be in permanent form with 20 working days to respond
Environmental Information Regulations (EIR) 2004
How are requests for info given and what are the deadline
Verbally
Helps to confirm whats being requested in writting.
20 working days deadline to respond
made by another public authority is not formally treated as an EIR request unless it explicitly states that the request is made under EIR
Environmental Information Regulations (EIR) 2004
What does the term Environmental information mean
Broad term and includes any information that is about or impacts upon the environment, such as recycling, habitat losses and building developments
Freedom of Information (FOI) Act 2000
Breaches of FOIA 2000
- Failure to respond adequately to a request for information.
- Failure to adopt the model publication scheme.
- Not publishing the correct information and deliberately destroying, hiding or altering requested information to prevent it being released.
This is a criminal offence that both an individual and the Agency can be charged with.
FOIA, EIR, CRCA, GDPR
Time limits for response time & penalties
CRCA no time limit, depends on business area. Penalties are a criminal sanction with maximum penalty of two years imprisonment, an unlimited fine or both, or VOA disciplinary action
UK GDPR one month from date of receipt, requests forwarded to the Information Rights and Ministerial Correspondence Team (ICO)
ICO’s remit does not cover CRCA
FOIA and EIR no later than 20 working days after receipt by the VOA.
Who is responsible for Disclosure
Specific Teams in VOA
Everyone
**Information Asset Owner (IAO) ** accountable for decisions made regarding the creation, capture, maintenance, management, disposal and disclosure of information.
Information Law and Disclosure Team (ILD)
advice and guidance on the disclosure of VOA information
Security Team specialist advice and support on the security of Agency information and assets and govern the process of transferring information
Commissioners for Revenue and Customs Act (CRCA) 2005
Key Acts
**Section 17 Use of Info **- allows sharing of information held for one function with another function (across HMRC and VOA).
Section 18 Confidentiality - circumstances when HMRC and VOA **may **disclose information outside HMRC and VOA
Section 19 Wrongful Disclosure- means it is a criminal offence to disclose info
Section 20 & 21 - when information can be disclosed where it is either in the public interest or is to a prosecuting authority. Very restricted.
Section 22 and 23 GDPR & FOIA - rights to information under Data Protection and Freedom of Information and sets out how these requests should be treated
What regulation governs laws on data protection and privacy?
UK General Data Protection Regulation 2020
What are the GDPR consumer rights?
A - Access
C - Consent
C - Correction
E - Erasure
P - Data Portability
ACCEP
(Accep your rights)
What are the 7 principles of data protection
- Lawfulness, fairness, transparancy
- Accuracy
- Data minimisation
- Purpose limitisation
- Accountability
- Security
- Storage limitation
8 individual rights under GDPR
- Right of Access
- Right to object
- Right to rectify
- Rights relating to automated decision making and profiling
- Right to be informed
- Right to data portability
- Right to erasure
- Right to restrict processing
Who are the key persons
- Controller
- Processer
- Data protection officer
Consequences of a data breach under GDPR/Data protection
$20mil/ £17.5mill or 4% turnover whichever is highest
Tell me about the limitation act 1980
that sets out rules for how long someone can take legal action to recover money they are owed.
6-15 years
