What we mean when we say public content
If content is set to public this means it can be accessed by anyone without a log in. This can be useful for staff or external colleagues who do not have a council device to access services.
An example of content that is public on the intranet is the health and wellbeing service. This allows staff who do not have a council device to access services such as mental health support, occupational health and other resources to support them at work.
The intranet is not indexed in Google or other search engines which means the general public would struggle to find it. For example, if a member of the public searched for 'Cumberland Intranet' it would not appear.
When content should be public
Content can be public if it:
- would be released under an Freedom of Information request
- supports transparency, digital inclusion, or equality of access
includes policy documents, strategies, or guidance that are not sensitive - is part of staff-facing services that benefit from public visibility – for example, job descriptions, training opportunities, service standards
- needs to be available to colleagues who do not have a council device
- is designed to promote openness, such as blogs, case studies, or performance reports
When content should be restricted
Within the backend of each page we have the ability to switch the page to “Restricted”. This means the page will still appear to the public but the contents of the page will be behind a log in screen.
This means you will have to enter your Cumberland email address to receive a single-use link that will expire after 24 hours.
If you have a Cumbria or legacy email address, replace it with 'cumberland' in your email address. For example: [email protected].
If the content is confidential
The content should be set as restricted if it:
- contains personally identifiable information (PII) about staff, residents, or service users
- includes financial data, payroll, or budget details not already published.
- reveals internal strategies, procurement details, or sensitive project plans.
- discloses corporate stationery templates or branding assets that could be misused
If the content falls under legal or regulatory restrictions
The content should be set as restricted if falls under:
- GDPR
- FOIA exemptions
- contractual confidentiality clauses
- security classifications such as “Official-Sensitive” or higher under the Government Security Classification Scheme
If the content would cause a reputational risk
The content should be set as restricted if it:
- could cause embarrassment or reputational damage if leaked or misinterpreted
- would not be released under a Freedom of Information (FOI) request due to exemptions – you should be prepared to justify classification decisions in response to FOI requests
The content could cause a security risk
The content should be set as restricted if it:
- could expose system vulnerabilities, internal procedures, or operational weaknesses
- includes meeting notes, AI prompts, or internal communications that are not intended for public consumption
- could cause audience sensitivity
How we manage documents
All documents are stored on our internal document SharePoint and link to on the intranet. This means that users will need to log in to see the document.
You should make sure documents that are sensitive are tagged with classification labels (for example “Public”, “Secure”) and reviewed periodically.
Find out more about how we manage internal documents.