Knogin
[Developers]

Public Information and FOI Redaction Workflow

Turn any inbound Freedom of Information request into a fully governed, cryptographically signed disclosure cycle without leaving the platform.

Back to All Modules
Category: ModulesLast Updated: May 5, 2026
modulesblockchain

Overview#

Turn any inbound Freedom of Information request into a fully governed, cryptographically signed disclosure cycle without leaving the platform.

The Public Information and FOI Redaction Workflow receives a Freedom of Information request, scopes it to the relevant incidents and date ranges, applies automated redaction across mixed-media artefacts, routes the result to a reviewer for sign-off, and produces a signed disclosure pack. Throughout the cycle the platform maintains the balance mandated by data protection law between the public interest in transparency and the privacy of patients, callers, and bystanders.

Key Features#

  • FOI Request as Governance Incident: Every inbound request is recorded as a first-class governance record linked to the underlying operational incidents through a typed correlation, so the request itself is fully auditable and traceable.

  • Scoping to Source Incidents: Reviewers attach a request to specific incidents, date ranges, or operational categories before any redaction work begins, limiting the processing surface to only what is necessary under the proportionality principle.

  • Multi-Modal Auto-Redaction: A combined pipeline handles face and licence-plate blur on video and still images, name and address suppression in transcripts, and voice-print attenuation in call audio, covering the full range of artefact types generated during incident response.

  • Pseudonymisation Vault Reuse: PII tokens already produced for clinical and dispatch workflows are reused when preparing a disclosure, so identities remain consistently masked across all artefact types and are not re-processed in a way that could introduce inconsistency.

  • Reviewer Sign-Off Console: The data protection officer is presented with a structured review surface to accept, adjust, or reject each proposed redaction before the disclosure pack is sealed, preserving human accountability for every decision.

  • Signed Disclosure Pack: The released bundle is produced as a long-lived archival document, cryptographically signed and timestamped, and accompanied by a structured redaction log so the requester and any oversight body can verify what was withheld and on what basis.

  • Audit-Trailed Provenance: Each redaction operation is recorded on the source incident timeline with the operator identity, the rule applied, and a reference to the affected artefact, producing a complete chain of custody.

  • No Duplication of Underlying Controls: This workflow is the governance surface around the platform's redaction management capability and does not implement a parallel set of redaction controls.

Use Cases#

Journalist or Media Organisation Request#

A news organisation submits a request for records from a multi-casualty event. The data protection officer scopes the request to the relevant incidents, the redaction pipeline removes personal identifiers across all media, and the signed pack is delivered through the requester portal with a full redaction log.

Family or Next-of-Kin Request#

A relative requests records of a specific emergency call. Reviewers produce a redacted version that protects the privacy of third parties present in the recording while disclosing the operationally relevant content.

Statutory Oversight and Inspectorate Disclosure#

A statutory oversight body receives a scoped, signed disclosure pack that includes provenance for every redaction decision, enabling it to verify that the disclosure was complete and proportionate.

Internal Legal Discovery Support#

Legal teams use the same workflow to scope, redact, and sign internal disclosures before sharing them with external counsel, ensuring consistent application of the redaction rules regardless of the disclosure audience.

Cross-Agency Information Sharing#

A partner agency receives a redacted operational extract while sensitive caller and patient information remains protected by the pseudonymisation vault, with the redaction log available to both parties.

Integration#

Customers and developers interact with this workflow through the platform's GraphQL API. Redaction operations, review decisions, and disclosure lifecycle transitions are all exposed as typed queries and mutations. OAuth 2.0 bearer tokens issued by the platform's identity service gate access, and role-based permissions restrict the sign-off endpoint to authorised data protection officers.

The workflow fits into a broader integration in the following ways:

  • Inbound request ingestion: FOI requests arrive via the REST endpoint on your tenant's platform API or are created directly from the reviewer console.

  • Scope and correlation: Reviewers link the governance record to one or more source incidents through the normalised incident model, using the same identifiers that appear across other platform modules.

  • Redaction pipeline hooks: Automated redaction runs as a background process against the scoped artefacts; reviewers are notified when the pipeline completes and the pack is ready for sign-off.

  • Disclosure pack delivery: Signed packs are delivered through the requester portal extension, which generates a time-limited access link. Offline verification is supported: the bundle contains a manifest, a digital signature file, and a trusted timestamp token so recipients can confirm integrity without relying on the platform.

  • Audit trail: Every operation is appended to the platform's immutable audit record, queryable through the standard audit queries, and exportable for submission to an oversight body.

Open Standards#

  • EU GDPR (Regulation 2016/679): the workflow operates within the lawful-basis and data-subject-rights framework of the General Data Protection Regulation, including the proportionality and purpose-limitation principles that govern what may be disclosed.

  • Freedom of Information Act 2014 (Republic of Ireland): scoping, decision-making, and delivery align with the statutory framework governing FOI requests in Ireland; the same workflow is adaptable to equivalent national legislation in other jurisdictions.

  • ISO 19005-3 (PDF/A-3): disclosure bundles are produced as PDF/A-3 archival documents, a format designed for long-term preservation and verifiability independent of the creating application.

  • RFC 3161 (Internet X.509 PKI Time-Stamp Protocol): each sealed disclosure pack receives a trusted timestamp token from a third-party timestamp authority, binding the manifest hash to a point in time in a way that cannot be retroactively altered.

  • CMS / PKCS#7 (RFC 5652): the pack's manifest is signed using Cryptographic Message Syntax so that any recipient can verify the bundle's integrity and the signing identity without requiring access to the platform.

  • ISO/IEC 27001: the redaction lifecycle is operated within an information security management framework, with access controls, audit logging, and least-privilege enforcement applied at every stage.

Security and Compliance#

The disclosure workflow is designed around the principle that every privacy-relevant decision must be attributable, reversible in review, and verifiable by a third party after delivery.

Access to the sign-off endpoint requires both an authenticated session and the explicit data protection officer permission; no other role may seal or deliver a pack. All redaction decisions are logged with operator identity and timestamp before the pack is produced. The resulting bundle is self-contained: it can be verified offline using the manifest, the digital signature, and the trusted timestamp token without requiring any further interaction with the platform.

The platform applies row-level security across all disclosure operations so that a data protection officer in one organisation cannot access the governance records or artefacts of another.

Last Reviewed: 2026-05-05 / Last Updated: 2026-05-05

Ready to Build?

Get started with our APIs or contact our integration team for support.