Search This Blog

Friday, November 30, 2012

NSW Information and Privacy Commission Annual Report

The NSW Information and Privacy Commission Annual Report 2011-2012 details a busy year:
"This year, the Information and Privacy Commission responded to 6,380 calls and received 275,702 website page views. We finalised a total of 898 matters over the year. The Office of the Privacy Commissioner (OPC) responded to a 60% increase in request for assistance, from 1,696 requests in 2010-11 to 2,712 in 2011-12.. The OPC completed 181 internal reviews, provided 109 advices, and finalised 102 complaints. The Office of the Information Commissioner finalised 280 information access reviews, 5 investigations, and 79 complaints."
There are many other activities mentioned in the report although it is thin on the outcomes from all this effort.

Two issues of concern regarding the office, delay and powers, rated a mention:
The two main criticisms the Information Commissioner received during the reporting period were that external reviews take too long and that our recommendations are not enforceable. While positive feedback was received on almost half of our cases, due to the backlog during the year, 15% of applicants were unhappy with the delays they experienced. We have implemented process and staff changes in response to that feedback. The fact that our recommendations are not enforceable is a feature of the right to information model adopted by New South Wales. It differs from its Queensland and Commonwealth counterparts in this respect. A right of review by the ADT exists, but the Information Commissioner can only make recommendations to agencies. This is an issue that will doubtless be considered when the GIIC Act is reviewed in accordance with Section 48 of that Act.
With regard to agency performance the report refers to work undertaken in preparing the first report (for 2010-2011) under section 37 of the Government Information (Information Commissioner) Act 2009, a report on the operation of the GIPA Act generally, across all agencies. 

That report is yet to be published.  

The Information Commissioner comments that  a clear baseline against which to assess overall public sector performance under GIPA is still to be developed, but the picture from available data
shows greater requests for Information Commissioner reviews than were predicted when the office was being set up and the function transferred from the NSW Ombudsman. It also shows a high level of awareness of the legislation and its impact on agency information management practices as well as the vital importance of a culture in agencies of openness and service to the public. 
The foundations of the GIPA act "appear well understood by agencies, and members of the public are exercising their enforceable right to access government information."

From these comments in the Directions for 2012-13 section the commissioner seems aware of performance reporting shortcomings:
"In the year ahead, I look forward to being able to provide better data to the Parliament and to agencies on their performance measured against the GIPA Act. Now that the new administrative arrangements across the public sector have been bedded down, it is important to focus on the optimal reporting regime that will allow the Parliament and the people of New South Wales to assess the benefits of the GIPA legislation. As a core outcome of GIPA, we should expect to see simpler and more streamlined access to government-held information....
What success looks like needs to be broader than checklist compliance with a set of requirements under the legislation; it needs to reflect an improved experience of responsive service that can then lead to greater public confidence in the processes of government. It will be seen in better communication with the public, informed by and in response to public feedback. As part of my champion role, my office will focus on improving advice and guidance via our website and e-learning tools about the GIPA Act. As part of my mandate to receive complaints and requests for reviews under the Act, we will continue to focus on
improving our timeliness and responsiveness in line with our service targets.

In the meantime the following extracts suggest significant weaknesses and problems still to be addressed in information access in many/some NSW agencies:

Record keeping and information management (emphasis added)
For the first year of operations under the GIPA Act we identified a number of trends in the complaints we received about agencies and in our reviews of agency decisions. A high proportion of those agencies seemed to have poor information management systems, processes or policies in place.These system inadequacies contributed to poor decision-making in response to access applications. The second year of GIPA reinforced this theme. Effective records management is vital in ensuring that agencies can respond in a timely and effective way to requests made as formal GIPA applications. Even more critical than this, however, is the fundamental importance of good information management practices to ensure that what can and should be released proactively is in fact released, and what needs to be managed in order to respect individuals’ privacy is well managed so that individuals’ privacy rights are properly protected. One of my key messages to agency heads, reinforced by the Privacy Commissioner in her role as champion of her legislation, is to emphasise the fundamental importance of good information management. Whether approached as a compliance risk, as a commitment to better services for citizens, or as means of delivering more cost effective business processes, the benefits to the public sector and the community in managing government information well are significant.

Agency processes (emphasis added)

We have found that inadequacies with agency systems can stem from a lack of resources, ineffective processes for dealing with GIPA requests, or, in some cases, confusion about the requirements of the GIPA Act. Some of the key system issues we have identified in reviewing agency decisions and investigating agency conduct include:
· inadequate systems and processes that enable the agency to follow the steps required under the GIPA Act in handling and processing access applications.
· some agencies have not updated their systems and procedures to accord with the GIPA Act, and are still applying the decision-making practices and procedures they used under the FOI Act.
· poor or outdated record-keeping systems which result in delays in locating requested information, putting pressure on staff who must locate information within the time-frame required under the GIPA Act, and
. the inability of agencies to supply accurate annual report statistics about
release of information under the GIPA Act, as required under section 125 of the Act.

Agency decisions (emphasis added)

The OIC assessed agency decision-making trends in preparing its first report to Parliament under section 37 of the Government Information (Information Commissioner) Act 2009 (NSW). We looked at complaints received about agencies and reviews of agency decisions in the first year of operations under GIPA, and found that a high proportion of agencies had poor information management systems, processes and policies. The system inadequacies contributed to poor decision-making in respect of access applications and agency non-compliance with the GIPA Act. In that period, of 154 reviews completed by the OIC, we made a recommendation regarding an agency’s systems or processes in 16 per cent (25) of these, due to delays in providing information, failure to appropriately locate information or failure to publish or release information. Additionally, 28 per cent of complaints received by the OIC over that time related to poor processes contributing to delays with processing, failure to locate information and failure to publish or release information.

Publication and pro-active release (emphasis added)

In September 2011, the IPC commenced a review of 266 agency websites to see if and how those agencies were publishing mandatory open access information required to be disclosed under section 18 of the GIPA Act. The websites reviewed were selected from: local councils; universities; state owned corporations; courts and tribunals; Ministers; principal agencies; and five agency websites from each of the nine principal departments.
We assessed agencies using four categories based on compliance with section 18 of the legislation and clause 5 of the GIPA Regulation requirements, as well as looking at how the information was presented and how accessible it was.
The categories were:
1. Exceptional - the agency website contained all of the required open access information, and was
presented in a manner that was easy to access by members of the public and hyperlinked documents were accessible
2. Basic - the agency website contained all the required open access information but accessibility or presentation could be improved.
3. Did not fully comply - the agency website contained some but not all mandatory open access information, showing that the agency had made an effort.
4. Poor - little or no open access information could be located on the website. Overall, 47 per cent of websites (125 agencies) complied with the open access requirements, with 53 per cent (142 agencies) non-compliant.
Of the 125 websites that complied with open access information requirements, 38 per cent of websites (48 agencies) demonstrated exceptional compliance, while 62 per cent of websites (77 agencies) complied with the basic legislative requirements.
Of the remaining 142 websites, 63 per cent of websites (89 agencies) contained some or most, but not all, of the required open access information. Of the rest 37 per cent of websites (53 agencies) had little or no open access information published on their websites.
The most common open access information that websites did not include were:
· the disclosure log
· the contracts register, or a link to the NSW Government’s e-tenders website containing the central government contracts register; and
· a record of open access information the agency does not make publicly available because the information attracts an overriding public interest against disclosure.
The common accessibility issues identified were:
· open access information being spread throughout the website
· the use of a variety of terms to describe the open access information required under section 18 of GIPA. This could potentially inhibit locating open access information depending on the terms input into a site’s search engine
· terminology used did not clearly correspond with the open access information required under section 18 of the GIPA Act. For example, policies located under ‘plans’ or ‘publications’, or documents tabled in Parliament under ‘policy’ ‘procedure’ or ‘guideline’. Search engines would often be required to locate this open access information during the website review
· some websites listed agency policies but did not provide links to the document or information on how to access the hard copy documents
· some websites noted that their contract register could be accessed on the NSW Government e-tenders website but did not provide a link to the e-tenders website
· some principal departments published information about their subsidiary agencies on their websites. The website did not always specify the sub-agencies for the information.

I haven't had a chance to look at the report concerning the Privacy Commissioner's side of the shop.

No comments:

Post a comment