During the supervisory operations, in the first half of the year 2020, the Data Inspectorate found deficiencies in the making available public information or the protection of private information in 6 documents registers of local government, which brought proceedings for the elimination of deficiencies.
Metadata is incorrectly filled in the main errors when keeping the document register. Therefore, it is not understandable whether the documents are digital, restricted, or for which reason access to the information is not allowed. For example, procurement tenders are registered for a period of five years, but, in addition to the termination of the procurement procedure, it is generally public information where it does not contain business secrets, private-sector interference, or other restricted information.
Authorities also often do not allow access to documents or e-mails for which no access restriction has been imposed. The limit has been left unput, but the document is technically unreachable. There have also been shortcomings in the registration of letters from other institutions in the document register as the sender of the letter as a letter from a private person and imposing a restriction of access on the protection of private life.
The inspectorate has also identified many times that the names of natural persons have been recorded as data in the document register of documents, or if the contacts of the person not covered by the response to the natural person are observed in the reply of the Authority. This means that if Mari Maasikas is turning to the rural municipality, for example, to receive a road storage plan, the registration of the letter in the public view is often misleading, or the name and contact details are not respected in his letter when replying to the message.
Under investigation.
In the first half of the year, the Inspectorate dealt with deficiencies in the registers of people in Tartu, Otepää, Järva and Valga municipalities and Narva city government and Tallinn city agencies. The investigation was also re-introduced by the education and research EKIS system, which is used by hundreds of educational institutions as document management software. The management of the Defence Investment Centre was also launched to create a missing document register.
The requirements for the maintenance of the register of documents are provided by the Public Information Act and the purpose of maintaining it is to ensure the public and access to public information of the activities of the Agency. Since the register of documents can be considered as a part of the agency’s website, it should be taken seriously because it is dependent only on the reputation of the institution itself, but the credibility of the country as a whole.
In 2019 a number of data leaks occurred, in which the document registers became publicly sensitive and have restricted access to the privacy of many people. Most times unfortunately, there was a human error that can be prevented by increasing the competence of employees and occasionally by examining their register of documents.
The inspectorate began a total of 2020. The first half of the year 17 own-initiative supervision procedures.