Skip to content

We use cookies on this site

If you don't want to accept cookies, you can change your preferences

Accept Manage cookies
  1. Home
  2. About the council
  3. Information governance
  4. Data protection

Elections on 2 May

Elections for the next Mayor of London and London Assembly members, as well as the by-election for Hillrise ward, will take place on Thursday 2 May. You must now show photo ID when you vote at polling stations. See a full list of accepted forms of ID.

Find your nearest polling station.

Town Hall icon

Information Commissioner's Audit

Islington Council’s practices for handling personal information were audited by the Information Commissioner’s Office (ICO) in early 2015.

Our customers, service users and residents need to be confident that their personal and sensitive information is properly safeguarded, and so continuous improvement in this area is a council priority.

Like many public bodies, we have reported several data breaches to the ICO in recent years, so we willingly accepted the Commissioner’s offer to conduct an audit. We saw this as an opportunity to help us reflect on our current practices and suggest areas for further development.

Following this audit, the ICO, which is responsible for promoting and enforcing compliance with the Data Protection Act, has given Islington a Yellow (‘reasonable assurance’) rating – which is the second highest category and the rating that is most consistently given to local authorities which have been audited in recent years.

There were several areas of good practice highlighted in the audit, including:

  • Our development of a robust, fit-for-purpose ICT infrastructure
  • Our use of mandatory online training for all staff with access to the IT system
  • Our clear policies on handling data breaches or IT security incidents (including near misses)
  • Our development of a Cloud policy to guide those considering using cloud-based storage or applications

Many of the recommendations for improvement contained in the report have already been implemented. In addition, we have agreed to complete other actions such as:

  • Continue to embed Information Asset Registers to ensure that senior managers have a complete overview of information risk across the council 
  • Develop an e-learning training module for new starters and locums working in Adult Social Services
  • Standardise processes and guidance for dealing with Subject Access Requests
  • Comply with Payment Card Industry guidelines on how card data is stored. A project is underway to address this issue
  • Progress will be monitored by the Corporate Director of Finance, who is Islington’s Senior Information Risk Officer, a statutory position. We will make a progress report to the Information Commissioner in approximately six months’ time
Was this information helpful?



Data protection: We will handle your personal information in line with the Data Protection Act 1998 and in accordance with the council’s Fair Processing Notice.