Information is critical in enabling us to deliver our services.  ICT governance is about ensuring that all the information we encounter – whether about people or the organisation – is handled properly throughout its life cycle.  All information must be collected, stored, used, shared and disposed of appropriately and securely by following legal requirements and best practice.

Sometimes responsibilities are not set by the organisation but are required by external bodies.  These include the Care Inspectorate, the Scottish Housing Regulator (SHR) and the Scottish Social Services Council (SSSC).  The SHR Code and the SSSC Code of Practice apply to all aspects of this policy.  Additionally, we must meet the requirements of the Cyber Essentials scheme run by the National Cyber Security Centre.

We are subject to The Data Protection Act 2018 (the UK’s implementation of the General Data Protection Regulation), as well as the Freedom of Information (Scotland) Act 2002.

This policy defines our shared responsibilities in the use of any device, technology service or communications service used in support of our work.

This policy exists to protect those who receive support or housing from us, those who work or volunteer with us, visitors, contractors and lastly the organisation itself.  All members of staff, as defined in our Staff/Applicant Privacy Notice, are obliged to familiarise themselves with this policy and refer to it on an ongoing basis to ensure that its terms are implemented and complied with.

A summary of responsibilities for all staff is provided, but we strongly encourage everyone to read the complete policy for the fullest understanding or if you are looking for greater detail about any specific area.