The Information Commissioner’s Office

Slides:



Advertisements
Similar presentations
Data Security Breach Code of Practice. Data Security Concerns Exponential growth in personal data holdings Increased outsourcing 3 rd countries cloud.
Advertisements

University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.
Information Commissioner’s Office: data protection Judith Jones Senior Policy Officer Strategic Liaison – public security 16 November 2011.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview
Data Protection Act. Lesson Objectives To understand the data protection act.
The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.
Regulation of Personal Information Daniel Pettitt, Leon Sewell and Matthew Pallot.
Data Protection Act obligations and pseudonymisation Dawn Monaghan Group Manager Information Commissioners Office.
The Framework for Privacy Policies in the UK: Is telling people what information is gathered about them part of the framework? Does it need to be? Emma.
Information sharing: the view from the ICO Vicky Cetinkaya, Senior Policy Officer, ICO One Staffordshire Information Sharing Protocol launch event Stafford,
Taking a Risk Based Approach to Data Protection Supervision David Smith Deputy Information Commissioner.
DATA PROTECTION AND RUNNING A COMPLIANT PUB WATCH SCHEME Nigel Connor Head of Legal –JD Wetherspoon PLC.
© University of Reading Lee Shailer 06 June 2016 Data Protection the basics.
Information Security TechLink Seminar, 17 April 2013 James Knapton, Information Compliance Officer, Registrary’s Office.
Workshop Understanding your responsibilities under the Data Protection Act 1998 and the Freedom of Information Act 2000 Adele Rhodes Girling.
Records management for the public sector 8 September 2016 Judith Jones - Group Manager Sue Markey - Senior Policy Officer Government and Society.
Information Governance Support Information Governance Services
General Data Protection Regulation (EU 2016/679)
Data Protection Regulation
General Data Protection Regulation (GDPR)
The future of data protection: General Data Protection Regulation
General Data Protection Regulations and the IoT
Presentation to GTMC on GDPR
General Data Protection Regulation (GDPR
General Data Protection Regulation
The law enforcement provisions of the Data Protection Bill
Museums + Heritage webinar, 30 November 2017
GDPR Overview Gydeline – October 2017
GDPR Overview Gydeline – October 2017
The European Union General Data Protection Regulation (GDPR)
INTRODUCTION TO GDPR 19/09/2018.
DP BILL: DIFFERENCES AND DEROGATIONS
Public Sector Organisations - are you GDPR ready?
GDPR - Individual’s Rights
GENERAL DATA PROTECTION REGULATION (GDPR)
General Data Protection Regulations
Data Protection Reform in Local Government
GDPR and paper records Why it’s not all cyber and fines Gary Shipsey
Introducing the General Data Protection Regulation 2016
GDPR: getting your firm ready
Data protection reform – update from the ICO
State of the privacy union
Information Governance
G.D.P.R General Data Protection Regulations
From DPA to GDPR: the key elements
The National Working Group
Identify the laws and guidelines that affect day-to-day use of IT.
Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .
General Data Protection Regulation (GDPR)
A whistle stop tour of GDPR
Mathew Norman, Policy & Public Affairs Officer, RLA Wales
GDPR How does it apply to me?.
How we use Your Health Records
How we’ll prepare for the General Data Protection Regulation (GDPR)
GDPR Workshop MEU Symposium Prague 2018
General Data Protection Regulations 2018
General Data Protection Regulations (GDPR) Training
Detecting, reporting & investigating data breaches under GDPR
The General Data Protection Regulation Six months on – What’s changed
By The Data Protection Commissioner
Data Protection in Law Enforcement Area Chapter 9a of the draft law
A Framework for Compliance
Overview of the recommendations regarding approximation of the Law on personal data protection to the new EU General data protection regulation Valerija.
Data Breach Management Workshop
Temporary Event Notices
Data Protection for SDS Employers Alison Johnston Lead Policy Officer (Scotland) Information Commissioner’s Office.
Caring for People and their Data
Data Protection What can I do? GDPR Principles General Data Protection
GDPR Session
Presentation transcript:

The Information Commissioner’s Office NPCC Professional Development Event 19 June 2018

Points of discussion GDPR / Data Protection Act 2018 Guidance / FAQs ‘Manifestly unfounded’ Breach Notification / Themes Right to erasure / Rectification

25 May 2018

How does the legislation fit together? General Data Protection Regulation (GDPR) Data Protection Act 2018 How does the legislation fit together?

Law Enforcement Processing (Part 3) General Processing Law Enforcement Processing (Part 3) Data Protection Act 2018 Intelligence Services Processing (MI5, MI6, GCHQ) The Information Commissioner ICO Enforcement Preliminary, Supplementary and Final Provision, and Schedules

Guidance update and FAQs For the last two years, the ICO has been helping organisations prepare for the new law by producing guidance and targeted online resources: For organisations For the public

Frequently asked questions… Am I a competent authority? Can we still share information with the Police? Do individuals still have the same rights under the new legislation? Does our processing fall under GDPR or Part 3 of the Act?

DPA 1998 Section 29(3) DPA 2018 Schedule 1 – Part 2 (10) Disclosures made for the purposes of law enforcement – permissive Exempt from the non disclosure provisions DPA 2018 Schedule 1 – Part 2 (10) Schedule 2 – Part 1 (2) Crime and Taxation: general Permissive gateway for disclosure Exempt from the GDPR provisions

Manifestly unfounded and excessive requests Excessive is likely to be of relevance to repetition or frequency Considered on a case by case basis Controller should record reasons for decision making

Breach notification A breach is more than just losing personal data Report to the relevant supervisory authority (ICO) without undue delay and within 72 hours Consider if individuals need to be notified

Breach Themes Most common breach is sending personal data to the wrong recipient Increase in reported cyber security incidents Enforcement action taken against three police forces in 2018 CPS

Right to erasure Individual rights What police forces need to consider Reflections on how this is working in practice

Right to rectification What the law requires How to make this work in practice

Any Questions? Audience questions – what are the main concerns?

Subscribe to our e-newsletter at ico.org.uk Keep in touch @iconews PJS@ico.org.uk Subscribe to our e-newsletter at ico.org.uk

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.