The review's final report concludes that:
- there is a lack of transparency and accountability in the way organisations deal with personal information
- there is confusion surrounding the Data Protection Act, particularly the way it interacts with other strands of law
- greater use could be made of the ability to share personal data safely, particularly in the field of research and statistical analysis
- the Information Commissioner needs more effective powers, and the resources to allow him to use them properly.
The report makes a series of recommendations, aimed at transforming the personal and organisational culture of those who collect, manage and share information:
- to improve leadership, accountability and training within organisations
- to ensure all organisations are as transparent and open as possible about how and with whom data are shared, with what authority, for what purposes and with what protections and safeguards
- to clarify and simplify the legal framework governing data sharing, including provisions to guarantee better and more authoritative guidance for practitioners
- to introduce a new statutory procedure to remove unnecessary legal barriers, whilst maintaining robust privacy protections
- to enhance the role of the Information Commissioner's Officer, providing more robust and properly-resourced powers
- to develop mechanisms that will enable population-based research and statistical analysis for public benefit, whilst safeguarding the privacy of individuals
- to help safeguard and protect personal information held in publicly available sources.
You can obtain a hard copy of the report by contacting the review team.
- Data Sharing Review report [PDF 0.48mb, 80 pages]
- Data Sharing Review report - annexes [PDF 0.59mb, 112 pages]