Information Security

Derby City Council takes its responsibility for information security very seriously.  The Council will protect the information entrusted to us by members of the public, our strategic partners and other third party organisations by:

• Maintaining compliance with relevant UK and European Union legislation e.g. the Data Protection Act 2018;
• Ensuring effective policies and procedures are in place to support secure working practices;
• Educating and training staff to handle and process information securely;
• Ensuring specialist staff are available to provide support and guidance;
• Investigating and learning from all actual and suspected security incidents;
• Continuously reviewing and improving our information security arrangements.

 All Council employees have a contractual responsibility to be aware of and conform to the Council’s values, rules, policies and procedures. 

Breaches of policy may lead to the employee going through the Council’s disciplinary procedure, in accordance with the Employee Code of Conduct and the Councils disciplinary policy and procedure.

Individuals who are not Council employees are contractually obliged to comply with the Council’s policies and failure to comply may lead to contract termination which could have an impact on the third party organisation employing them.

If a criminal offence is considered to have been committed by an employee or a contracted person further action may be taken to assist in the prosecution of the offender(s).