Taituarā’s best-practice governance resources and advice provide councils with guidance in areas around legislative obligations, LGOIMA expectations and changes to the Privacy Act. A new governance section in Taituarā’s LGSectorGoodToolkit outlines some of the changes that have taken place in these areas this year.
Mandatory Register of Documents
The Mandatory Register of Documents lists every document that a council needs to produce under legislation. The Register is continually updated as legislation changes. The next update will include documents that councils are directed to produce under National Policy Statements (NPS) and National Environment Standards (NES). Although the NPS and NES are not legislation, their impact on councils are sufficient that these should be included in the Register. National Policy Statements provide direction to local authorities on the environmental matters of urban development, freshwater, and coastal policy. An indigenous biodiversity NPS will be added next year
LGOIMA Proactive Release Guidelines
Also included in the new section is advice around the new expectations that are occurring for LGOIMA official information requests. They arise from an earlier 2015 Ombudsman’s report, Not a game of Hide and Seek, an investigation into OIA compliance and practice. The Ombudsman now requires more transparency from councils,
The Guidelines for proactive release and publishing of official information for local authorities sets out high level principles and guidelines for local authorities on the proactive publication of LGOIMA responses. It is intended for use by local authorities and their council controlled organisations. There is a requirement for local authorities to increase the availability of information, and that internal processes will support the process. Another principle is the presumption in favour of proactive publication, and that due diligence will be exercised to assess risks prior to publication.
To assist councils with LGOIMA management, data from our 2020 survey is included in the Governance resources in the Toolkit. It provides a good indication of LGOIMA practices that are occurring across the sector and will help inform internal policies or guidelines.
Privacy Act Guidance
Guidance on changes to the Privacy Act came into force on 1 December 2020. One of the major changes for local authorities is the new mandatory reporting of privacy breaches. Included is a guidance document on what the changes are and how to prepare for them, Privacy Act guidance by Simpson Grierson.
If a council is engaged in a privacy breach, they must report it to the Privacy Commissioner and the people affected by the breach. With electronic data storage now the norm, issues of cybersecurity and data privacy have increased in importance. By legislating mandatory reporting of breaches, it allows any affected parties the opportunity to try and mitigate risks should their data privacy be breached.
We recommend that councils have a policy in place so that there is a procedure that staff can follow quickly should a privacy breach occur.
You can view Taituarā’s governance guidance on the LGSectorGoodToolkit resource section of the Taituarā website.