There is not such a thing as a final release for the Toolkit; it is a live set resources to enable safe and compliant information sharing across organisations. New guidelines and updates will be continually offered as required. Resources will be available via this site.
Author Archives: sysadmin
Is it possible to continue using SASPI?
The Scottish IS Toolkit is an update of SASPI which was developed in 2011 and due for review since 2015. The Toolkit incorporates an enhances information sharing arrangement across the public sector, including confidential information beyond personal information. But also represents an improvement in terms of good practices along the negotiation process that represents the […]
IS Toolkit – communications & awareness campaign
How the IS Toolkit has been communicated and what’s the plan for future communications? The overall plans of The Scottish Government in terms of Information Governance and Security, were initially communicated via DL (2015) 17 ” Information Governance and Security Improvement Measures 2015-17″; the IS Toolkit being part of this package of measures. The Toolkit has been presented at […]
‘safe haven’ boundaries
Where and what are the boundaries of the ‘safe haven’ which are being accredited – the charter restricts the definition to the analytical platform where access to anonymised data is being given, but does not necessarily include the preceding stages (anonymisation/linking agents, etc)? The boundaries of the ‘safe haven’ should include the linkage agent etc […]
Save Haven’s standards and the controls
What about other standards and the controls (for example ISO9000 and ISO15489), these are equally if not more important than information security in protecting data? Addressed in the additional controls included in accreditation set
ISO 27001 ISMS certification
Does ISO 2700 ISMS certification get you automatic safe haven accreditation, and if not why not? The existing ISO certification should shortcut most of the work, but evidence still required and additional controls not in ISO 2700 need to be addressed
IS Toolkit – what happens with current completed agreements, protocols, accords etc?
Does the launch of a set of templates, guidance and associated documentation – called the Information Sharing Tool-kit – mean that we have to set aside all the current completed agreements, protocols, accords etc? Negotiating information sharing can be difficult and time-consuming, and the last thing that The Scottish Government wants to do is undermine […]
Central team and National accord
Is there a central team that creates an overall accord and does some basic assurance on the organisations that which to share information? The tool-kit has been designed so that there is no overall national accord. It is not possible for The Scottish Government, or other central team, to assure organisations at a basic level […]
DL (2015) 17 Information Governance
Director-Letter-Information-Governance-3