I have received representations not only from the National Association of Local Councils, but from the Suffolk Association of Local Councils and many of my own parish councils—including Moulton Parish Council—which do an admirable job in telling me about the pressures facing parish councils throughout the country. I pay tribute to them for their efforts, and for the length of their representations to me.
Of course it is important for parish councils, and other local councils, to follow high-quality data protection standards. The Information Commissioner’s Office has provided extensive guidance to help organisations to prepare for their new responsibilities, and I urge councils to look at it.
The responsibilities of data protection officers—this is relevant to the issue raised by the hon. Gentleman—can be implemented in different ways. For instance, several parish councils can choose to share a single data protection officer, provided that he or she is easily accessible from each establishment. The system does not require the hiring of one person per organisation. Organisations have already been set up to provide this service, and the service itself is important. In the case of a small organisation, such as a very small business or a parish council on a low budget, it is still important for data to be handled and protected carefully, because small organisations too can hold very sensitive personal information. I am extremely sympathetic to the plight of small businesses that must deal with regulation—especially as I come from a small business background myself—but I am also convinced that it is good practice to follow high-quality data protection standards, and that it is good for organisations to do so.