Comments by the Information Commissioner’s Office (ICO) earlier this week, together with large fines, show the importance of ensuring organisational policies and procedures are fully integrated into day to day working practices.
Croydon Council was fined £100,000 and Norfolk County Council £80,000 for breaching data protection laws. In Croydon, papers containing details of child sex abuse were in a social workers’ unlocked bag stolen from a pub and in Norfolk, details of allegations regarding a child’s welfare were sent to the wrong parent.
The ICO said that while data protection guidance was available in Croydon
“it was not actively communicated to staff and the council had failed to monitor whether it had been read and understood”
Although Croydon Council have stated that they will be appealing the decision, the ICO’s comments are a serious reminder that organisational policies and procedures cannot stand in isolation. A genuine commitment to the aims and contents of organisational policies, together with full staff understanding is central to preventing the unfortunate experiences in Croydon and Norfolk.
Considering the pressures facing today’s workplace it is more important than ever to invest in developing a workforce that has the relevant knowledge and understanding to carry out their roles effectively and safely. If the commitment is genuine there are many ways an organisation can ensure policies and procedures are seamlessly absorbed into day to day working practices, preventing unnecessary disruption, claims of work related stress, damage to reputation and minimising financial risk.
- A genuine commitment to continuous improvement
- Build managers’ confidence to manage with open discussion, monitor understanding and review against quality standards
- A genuine approach to staff involvement in policy development
- Effective and efficient staff learning and development on policy implementation