Whenever Solihull Council uses a contractor to process personal information on our behalf, we must choose one who can offer adequate safeguards to ensure our information is kept safe and secure.
This Information Security Self Assessment allows us to assess the technical and organisational measures you have in place to protect the personal information you process on our behalf. It also acts as evidence that reasonable measures have been taken to ensure these are in place; this includes the personal information supplied to you by Solihull Council or that you collect or create on our behalf.
It may be necessary for us to request evidence to support any details supplied within the form and occasionally a site visit may be required.
Do's and Don'ts
Do
- complete this self assessment and return it to Solihull Council
- keep evidence and records of compliance with Data Protection law, for example training records
- ensure that staff understand their responsibilities under Data Protection law and are also under an obligation of confidentiality
- review existing contracts with any subcontractors you use to ensure that they meet the strict standards we are asking of you
Don't
- regard Data Protection as someone else’s problem
Submit your assessment
Information Security Self Assessment
Any questions marked with an asterisk (*) are mandatory. If a mandatory question is not relevant to your business please answer 'Not applicable'.