Information Sharing - Gloucestershire Information Sharing Partnership Agreement
Where any project involves the sharing of personal data, an Information Sharing Agreement is required.
We have created and reviewed the Gloucestershire Information Sharing Partnership Agreement (GISPA) to enable organisations to share important information in line with data protection principles set out in UKGDPR.
Overview - What is the GISPA?
The GISPA is split into sections:
- GISPA Version 5 - The overarching framework and principles
- Schedule 1 - Specific Information Sharing Agreement and Appendix (Additional Sharing and Processing Restrictions)
- Schedule 2 - Organisational & Technical Measures
- Schedule 3 - Definitions and Offences
- Declaration of Acceptance and Participation Form
The Gloucestershire Information Sharing Partnership Agreement (GISPA) has been created as a way to enable organisations to share personal data knowing that the other party will process this to the same standard. Ensuring that the data is processed in line with the principles of GDPR, and that the data is relevant and appropriate and processed in a lawful and safe manner.
Any public sector organisations and their partners who operate in Gloucestershire are able to adopt the GISPA, particularly those who hold information about individuals and may consider it appropriate or necessary to share that information. Signing up to the GISPA helps to ensure compliance with the UK General Data Protection Regulation (UKGDPR), the Data Protection Act 2018 and the Human Rights Act 1998 alongside the Information Commissioners statutory Data Sharing Code of Practice.
The aims and objectives of the GISPA are as follows:
- To assist compliance with statutory and legislative requirements for disclosing personal data,
- Promote lawful sharing of information between organisations for the provision of public services within Gloucestershire,
- Provide a more joined up approach to services provided in Gloucestershire by ensuring access to correct information in an efficient, appropriate and lawful manner,
- Assist organisations in meeting their regulatory requirements.
The GISPA is the overarching framework which sets out the principles and core requirements that all parties must adhere to. Each organisation must be satisfied that it can meet these requirements before signing up to the framework.
These core requirements are applicable to all Specific Information Sharing Agreements (SISA) entered into by the parties. Both the requirements of the overarching framework terms and the detail within the SISA should be adhered to throughout the term of any agreement.
More information on the GISPA and the sections within it are detailed on this site.