• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
2014 dpa training february nn
 

2014 dpa training february nn

on

  • 341 views

Data Protection Training presentation for work. A consistent 7/7 from audience on presentation and slides. The presentation covers the 8 principles of the Act and describes the roles and ...

Data Protection Training presentation for work. A consistent 7/7 from audience on presentation and slides. The presentation covers the 8 principles of the Act and describes the roles and responsibility of staff.

Statistics

Views

Total Views
341
Views on SlideShare
340
Embed Views
1

Actions

Likes
0
Downloads
13
Comments
0

1 Embed 1

https://twitter.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • . <br />

2014 dpa training february nn 2014 dpa training february nn Presentation Transcript

  • Data Protection Training Session Information Management Team February 2014
  • Table of Contents Section 1 Introduction: how the Act works Section 2 Definitions Section 3 The 8 Principles of the DPA Section 4 Your responsibilities Section 5 Additional information 2
  • Your take aways • Know the 8 principles • Know your role and responsibilities. 3
  • The Legal Framework Our use of information is governed by a range of laws principally: • The Data Protection Act • The Freedom of Information Act • Common Law Duty of Confidence You need to know how • Human Rights Act these laws affect you! 4
  • 5
  • What is the Data Protection Act? 6
  • How the Act Works As a “data controller” , you have to follow the eight principles so you protect the rights of individuals also known as “data subjects”. The principles cover how you work with personal data and sensitive personal data. 7
  • SECTION TWO: DEFINITIONS 8
  • What is personal Information? Personal information is defined broadly and has two criteria: First. It must relate to a living person. The dead do not have data protection rights. The living relatives will have a right to privacy and confidentiality. Second, the person must be identifiable – either from the information itself or from the information plus other information which the data controller either possesses or is likely to possess in the future The definition of personal data includes any expression of opinion about the data subject. 9
  • What is Sensitive Personal Data? Sensitive personal information is defined by the Act. It covers the following areas: Race ethnic origin Criminal records (including CRB checks) Membership of a trade union Medical records (such as sickness absence) Political opinions Religious, or similar beliefs Sexual life, for example, a person’s sexual orientation In most cases explicit consent is needed before these can be used but other conditions may apply. 10
  • What is a Data Subject A data subject is any living individual who is the subject of personal data. 11
  • What is a data controller An organisation, or an individual, is a data controller if it has full authority to decide how and why personal data is to be “processed” . When an organisation uses personal data or shares it with another organisation, it is acting as a data controller. Please note that an employee working for an organisation can never be a data controller. 12
  • What is processing? 13
  • SECTION 3 THE 8 PRINCIPLES 14
  • • If you learn nothing else on Data Protection, remember the following slide and you’ll probably be OK 15
  • The 8 Data Protection Principles 1. 2. 3. 4. 5. 6. Fairly and lawfully processed Processed for limited purposes. Adequate, relevant and not excessive Accurate and up to date Not kept for longer than is necessary. Processed in line with the rights of the data subject. 7. Stored and processed securely. 8. Not transferred to countries without adequate protection. 16
  • Principle 1: Fair and Lawful 17
  • Principle 2. Processed for limited purposes 18
  • Principle 3. Adequate, relevant, not excessive 19
  • Principle 4 Accurate 20
  • Principle 5 Not kept for longer than is necessary. 21
  • Principle 6 Rights of Data Subjects 22
  • Principle 7 Secure • VS 23
  • Principle 8 24
  • Video Break http://www.youtube.com/watch?v=CdYWoLC7TNI&feature=youtu.be 25
  • SECTION 4 YOUR RESPONSIBILITIES 26
  • Responsibilities • • • • Subject Access Requests Security of information Records management Sharing information 27
  • Subject Access requests • What is a SAR? • What do you need to do? • Educational Record • Third Party Data • Confidentiality 28
  • Security of Paper records 29
  • Records management 30
  • Sharing information 31
  • SECTION 5 CONTACT INFORMATION 32
  • Who to contact? Information Commissioner’s Office 0303 123 1113 Information Management Team 03000 268 035 33