Information Commissioner’s Office publishes inaugural Data Sharing Code of Practice

Data sharing is central to digital innovation in both the private and public sectors. It can lead to many economic and social benefits, including greater growth, technological innovations and the delivery of more efficient and targeted services.

Information Commissioner Elizabeth Denham suggest that the COVID-19 pandemic has brought the need for fair, transparent and secure data sharing into even sharper focus. “I have seen first-hand how sharing data between organisations has been crucial to supporting and protecting people during the response to the COVID-19 pandemic,” explained Denham. “That includes public authorities and supermarkets sharing information to support vulnerable people shielding or health data being shared to support the fast, efficient and effective delivery of pandemic responses.”

Provision for the Code of Practice was included in the Data Protection Act 2018 and it addresses many aspects of the new legislation including transparency, lawful bases for using personal data, the new accountability principle and the requirement to record processing activities.

Alongside the Code of Practice, the ICO has launched a data sharing information hub where organisations can find targeted support and resources. This contains data sharing FAQs, Case Studies, data sharing checklists and a toolkit on sharing personal data with law enforcement.

Denham is adamant that publication of the new Code of Practice isn’t a conclusion, but rather a milestone. “This Code of Practice demonstrates that the legal framework is an enabler to responsible data sharing and busts some of the myths that currently exist. I want my Code of Practice to be part of a wider effort to address the technical, organisational and cultural challenges for data sharing. The ICO will be at the forefront of a collective effort, engaging with key stakeholders. I know I can count on a collective effort from practitioners and Government to understand the Code and work with the ICO to embed it.”

As part of its ongoing work, the ICO is encouraging organisations currently  developing products and services that support complex data sharing in the public interest to apply for its regulatory Sandbox.

The regulator will also increase its engagement with organisations to help them understand the Code and promote the benefits of sharing data.

*For more information visit ico.org.uk/datasharing