IDG55330 - Information disclosure Gateways with other government departments:Part 5 of the Digital Economy Act 2017 Chapter 1 - Public Service Delivery- procedure for disclosure
Requests to HMRC for access to information under Section 35, 36 or 38 of the Digital Economy Act must be passed to the Data Directorate Data Sharing Service ‘Front Door’ team (This content has been withheld because of exemptions in the Freedom of Information Act 2000)
The ‘Front Door’ Team will ask the requesting department/organisation to complete a Business Case Template.
The requesting department must have regard to the Code of Practice and must complete the Template as well as a data protection impact assessment and security plan. As required by the Code, the Business case should reflect the outcomes of any public consultation or decision as to why a public consultation did not take place.
The Front Door Service will seek confirmation from the Data & Information Policy and Disclosure team that the request falls within the parameters and purpose of the legislation. It will then ensure that an impact analysis (including cost analysis) is carried out and that security requirements have been met.
Once all the requirements have been met and the information share has been agreed, the Front Door team will include the information share on the searchable electronic register as required by the Code of Practice.
The relevant Security and Information Business Partner (SIBP) Team of the Directorate that holds the information will then work with the requesting department to agree an information sharing agreement (Memorandum of Understanding) and will help draw up a Data Protection Impact Assessment (DPIA) for HMRC. Once this has been done and the information share has commenced, the requesting department will ensure that the business case, information sharing agreement (Memorandum of Understanding) and data protection impact assessment are made available to the general public subject to any redactions. The documents for the public domain must be agreed with the relevant SIBP teams prior to release.
If the information share is for a defined period of time only, when concluded, the requesting department will ensure that all information which does not need to be retained will be destroyed. It will then review the arrangement and consider publishing the findings including an assessment of the benefits.
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)