Information Governance
Introduction
Handling information properly is an important part of our legal responsibilities. This means we must follow good information governance practices, which include:
• Protecting information so it is kept secure and used appropriately.
• Providing access to information when the law requires it, such as responding to FOI or EIR requests.
• Managing our records well, making sure they are accurate, organised and retained or disposed of in line with our policies.
Statutory Framework
Our statutory framework is the set of laws we must follow to make sure we look after information properly.
These laws tell us what information we must publish, how we should respond to requests for information, and how we must protect personal data. They ensure we are open, transparent, and handle information safely and legally.
For the Care Inspectorate —this includes laws such as:
• Freedom of Information (Scotland) Act 2002, which gives the public the right to request information and requires transparency unless an exemption applies.
• Environmental Information (Scotland) Regulations 2004, which gives people the right to access environmental information.
• Data Protection laws, which set out how personal information must be handled safely.
• Publication and Re-use, which requires the proactive publication of certain types of information.
• Public Service Reform (Scotland) Act 2010, which places duties on us to publish certain information to support transparency and accountability, such as the care service register
• Records Management, Ensuring we create and keep records that support our work and help us meet legal and business obligations.