Questions about town and parish councils
Follow Councillor Q&A on BlueSky

Follow us on BlueSky

0 votes
Please can I ask what you would do in this situation?

At our December's full council meeting a councillor raised a potential breach in data, saying that a confidential document that was sent only to councillors (payment list and bank statements) had an entry that identified an employee by first name. Just to be clear this payment list is the full version that is sent to councillors only and provides full details of payments to be made and not what is published online. We publish a basic version with no annotations etc. It was actually my assistant that put an employees first name on the councillor version when she was preparing full council documents, I agree it shouldn't have had a name but I don't believe it was a data breach as it was on a confidential document. The councillor that raised it said that it could be a breach as 'hypothetically' they may let members of their family use their email account so the documents wouldn't be safe. I reiterated that once emails leave my office they have a duty to keep them safe. It has also identified a training need for councillors.

The problem comes down to the minutes, I have written that a councillor raised a potential breach but was reassured it wasn't a breach as the document was confidential and only given to councillors. The minutes were not approved in January as this councillor wanted to minutes amended, so I did within reason. I have since received an email saying they are still unhappy as they want me to write that there has been a breach because they believe there has been. I've explained that I have amended the minutes once already and cannot alter them again as they wouldn't be a true reflection of what was actually said. I cannot amend minutes to reflect their feelings surely?

Even if it were considered a breach, the ICO are only interested if there is a risk to the data being shared and there is no risk. It simply had a first name against a payment which means nothing to anyone else reading it.

As a new clerk, this has happened to me more than once where one councillor repeatedly asks for minutes to be amended. What is the correct procedure if minutes need to be amended? (Thankfully this is the only time members have voted to change them and that was just to add more detail). Currently the chair will ask members to vote on whether they should be changed and if the majority vote to have them amended, they are reviewed at the next meeting where they are agreed and signed. Is this correct?

Thanks!
by (280 points)

2 Answers

0 votes
The Cllrs decide - and vote - for what is an accurate and appropriate reflection of previous meetings.
Once the vote has been executed, the minutes are either endorsed (by chair signature (if they are so inclined)) Or they are instructed, by a vote of the council, for amendment.
If there is a majority council vote to amend - the clerk makes amendments and re-presents to council r endorsement.
If, after endorsement / chair signature, and error is discovered, then a separate motion (and majority vote) is required to correct the highlighted error.
by (25.1k points)
0 votes
As usual I agree with Roundagain but talking of data breaches could you clarify your comment about relatives and  emails as it could read like they are using their own personal email accounts for Council business
by (12.6k points)
So at the meeting the councillor put forward their concerns over a data breach. I explained it wasn’t but to make their point, they said that they allow family members to use their email account and they leave their emails open and unattended when they are at work in a local shop. I told councillors that this in itself is a breach because the documents sent are at risk of being seen by a number of different people. The councillor is arguing that they think their point is more serious than my point and therefore wants me to write that I caused a breach. As soon as I was told this, I immediately password protected all sensitive information. I don’t know if this councillor does actually share their email account, part of me thinks they said this to make her point more valid without really understanding the consequences. After this incident I sent out some information around UK GDPR covering the dos and don’ts and they’ll be receiving training. I’ve looked into creating an outlook account for all councillors as sharepoint could be used instead of emails to share documents but it was rejected because of the cost. We could create free emails instead but this was also rejected as many of the councillors struggle with just one email account. How do you share your information?
Before I fully reply please  just clarify does each Councillor have their own designated email address just for Council business ?

On the face of it its being claimed if give Councillors confidential information in the form of letter and they leave ia for others to read it’s your fault ?
No they don’t have council email addresses, they each use their personal emails. I’m relatively new, in my first meeting I advised them to have council email accounts set up but this was rejected. Not only is this one councillor saying it’s my fault if they leave confidential documents for others to see, they are saying that one document that was sent by our assistant was a breach but their actions are not a breach.
Hopefully a Clerk on this forum will explain the best way around this as this just shouldn’t be happening as what would happen if say someone made a Freedom of Information request for the private emails ?
Personally I’d go the the Information Commissioner but reading between the lines no doubt the Councillors would retaliate against you

Welcome to Town & Parish Councillor Q&A, where you can ask questions and receive answers from other members of the community. All genuine questions and answers are welcome. Follow us on Twitter to see the latest questions as they are asked - click on the image button above or follow @TownCouncilQA. Posts from new members may be delayed as we are unfortunately obliged to check each one for spam. Spammers will be blacklisted.

You may find the following links useful:

We have a privacy policy and a cookie policy.

Clares Cushions logo Peacock cushion

Clare's Cushions creates beautiful hand made cushions and home accessories from gorgeous comtemporary fabrics. We have a fantastic selection of prints including Sophie Allport and Orla Kiely designs and most covers can be ordered either alone or with a cushion inner. Buying new cushions is an affordable and effective way to update your home interior, they're also a great gift idea. Visit our site now

3,140 questions
6,216 answers
8,654 comments
11,187 users
Google Analytics Alternative