The Information Commissioner’s Office (ICO) has published a list of organisations that are being monitored because it appears they are not meeting the requirement to respond to freedom of information requests on time.
The ICO has looked at a number of complaints it had received, where a significant proportion of requests had not received a response within appropriate timescales. See http://www.ico.gov.uk/upload/documents/pressreleases/2010/ico_statement_monitored_authorities.pdf for details.
As part of an organisation’s security practices, it is vital that regulatory requirements are taken into consideration.
The Freedom of Information Act (FoI Act), for instance, has been in force since January 2005. It gives the public a right of access to certain types of recorded information held by public authorities, but also applies to companies that are wholly owned by public authorities.