Your SlideShare is downloading. ×
2014 dpa training february nn
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

2014 dpa training february nn

348

Published on

Data Protection Training presentation for work. A consistent 7/7 from audience on presentation and slides. The presentation covers the 8 principles of the Act and describes the roles and …

Data Protection Training presentation for work. A consistent 7/7 from audience on presentation and slides. The presentation covers the 8 principles of the Act and describes the roles and responsibility of staff.

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
348
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
16
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • .
  • Transcript

    • 1. Data Protection Training Session Information Management Team February 2014
    • 2. Table of Contents Section 1 Introduction: how the Act works Section 2 Definitions Section 3 The 8 Principles of the DPA Section 4 Your responsibilities Section 5 Additional information 2
    • 3. Your take aways • Know the 8 principles • Know your role and responsibilities. 3
    • 4. The Legal Framework Our use of information is governed by a range of laws principally: • The Data Protection Act • The Freedom of Information Act • Common Law Duty of Confidence You need to know how • Human Rights Act these laws affect you! 4
    • 5. 5
    • 6. What is the Data Protection Act? 6
    • 7. How the Act Works As a “data controller” , you have to follow the eight principles so you protect the rights of individuals also known as “data subjects”. The principles cover how you work with personal data and sensitive personal data. 7
    • 8. SECTION TWO: DEFINITIONS 8
    • 9. What is personal Information? Personal information is defined broadly and has two criteria: First. It must relate to a living person. The dead do not have data protection rights. The living relatives will have a right to privacy and confidentiality. Second, the person must be identifiable – either from the information itself or from the information plus other information which the data controller either possesses or is likely to possess in the future The definition of personal data includes any expression of opinion about the data subject. 9
    • 10. What is Sensitive Personal Data? Sensitive personal information is defined by the Act. It covers the following areas: Race ethnic origin Criminal records (including CRB checks) Membership of a trade union Medical records (such as sickness absence) Political opinions Religious, or similar beliefs Sexual life, for example, a person’s sexual orientation In most cases explicit consent is needed before these can be used but other conditions may apply. 10
    • 11. What is a Data Subject A data subject is any living individual who is the subject of personal data. 11
    • 12. What is a data controller An organisation, or an individual, is a data controller if it has full authority to decide how and why personal data is to be “processed” . When an organisation uses personal data or shares it with another organisation, it is acting as a data controller. Please note that an employee working for an organisation can never be a data controller. 12
    • 13. What is processing? 13
    • 14. SECTION 3 THE 8 PRINCIPLES 14
    • 15. • If you learn nothing else on Data Protection, remember the following slide and you’ll probably be OK 15
    • 16. The 8 Data Protection Principles 1. 2. 3. 4. 5. 6. Fairly and lawfully processed Processed for limited purposes. Adequate, relevant and not excessive Accurate and up to date Not kept for longer than is necessary. Processed in line with the rights of the data subject. 7. Stored and processed securely. 8. Not transferred to countries without adequate protection. 16
    • 17. Principle 1: Fair and Lawful 17
    • 18. Principle 2. Processed for limited purposes 18
    • 19. Principle 3. Adequate, relevant, not excessive 19
    • 20. Principle 4 Accurate 20
    • 21. Principle 5 Not kept for longer than is necessary. 21
    • 22. Principle 6 Rights of Data Subjects 22
    • 23. Principle 7 Secure • VS 23
    • 24. Principle 8 24
    • 25. Video Break http://www.youtube.com/watch?v=CdYWoLC7TNI&feature=youtu.be 25
    • 26. SECTION 4 YOUR RESPONSIBILITIES 26
    • 27. Responsibilities • • • • Subject Access Requests Security of information Records management Sharing information 27
    • 28. Subject Access requests • What is a SAR? • What do you need to do? • Educational Record • Third Party Data • Confidentiality 28
    • 29. Security of Paper records 29
    • 30. Records management 30
    • 31. Sharing information 31
    • 32. SECTION 5 CONTACT INFORMATION 32
    • 33. Who to contact? Information Commissioner’s Office 0303 123 1113 Information Management Team 03000 268 035 33

    ×