Non-confidential facts and advice to the Deputy Mayor for Policing and Crime (DMPC)
1. Introduction and background
1.1. CrimInt+ is a business critical corporate intelligence and information management solution.
2. Issues for consideration
2.1. The proposed investment is aligned to the technology roadmap for CrimInt+, and will maintain supportability.
3. Financial Comments
3.1. The capital cost of £996,830 is fully funded within the new draft capital plan with MOPAC for approval in early 2019.
3.2. There is a one-off revenue cost of £9,800 for decommissioning legacy kit, which is funded from the Digital Policing approved budget.
4. Legal Comments
4.1. The Mayor’s Office for Policing and Crime (MOPAC) is a contracting authority as defined in the Public Contracts Regulations 2015 (the Regulations). All awards of public contracts for goods and/or services valued at £181,302 or above must be procured in accordance with the Regulations. DLS confirms that the proposed procurement routes comply with the Regulations.
5. Commercial Issues
5.1. Contracts will be aligned to the existing SIAM and Towers framework and to use existing governance to avoid time and cost of a lengthy procurement exercise.
5.2. The services required from the software provider shall be procured via either a SIAM and Tower provider or utilising and extending the current software service agreement with the organisation. Where required, all appropriate governance will be followed for amending the agreement(s) and suitable provisions protecting the MPS incorporated.
6. GDPR and Data Privacy
6.1. The MPS is subject to the requirements and conditions placed on it as a 'State' body to comply with the European Convention of Human Rights and the Data Protection Act (DPA) 2018. Both legislative requirements place an obligation on the MPS to process personal data fairly and lawfully in order to safeguard the rights and freedoms of individuals.
6.2. Under Article 35 of the General Data Protection Regulation (GDPR) and Sections 57 and 64of the DPA 2018, Data Protection Impact Assessments (DPIA) become mandatory for organisations with technologies and processes that are likely to result in a high risk to the rights of the data subjects.
6.3. The Information Assurance and Information Rights units within MPS will be consulted at all stages to ensure the project meets its compliance requirements.
6.4. A DPIA has been completed for this project. The project will ensure a privacy by design approach, which will allow the MPS to find and fix problems at the early stages of any project, ensuring compliance with GDPR or the Law Enforcement Directive (LED). DPIAs support the accountability principle, as they will ensure the MPS complies with the requirements of GDPR or the LED and they demonstrate that appropriate measures have been taken to ensure compliance.
7. Equality Comments
7.1. An Equality Impact Assessment has been completed and the supplier engaged to provide a self-assessment of Patriarch with Microsoft Assistive Technology (High Contrast, Narrator, Magnifier) but at the time of writing do not expect to see compatibility issues, as this is just a re-platform / upgrade of an existing service.
8. Background/supporting papers