Privacy by Design Session 6

Slides:



Advertisements
Similar presentations
JCPS – Computer Education Support: February 25, 2011 How to access and navigate the Infinite Campus Portal This presentation is a demonstration of the.
Advertisements

Library Online Catalog Tutorial Pentagon Library Last Updated March 2008.
Hiring Reform Implementation
Information for students Welcome to the S 3 P system. Login to the system by entering your User ID and password. The User ID is the same as your normal.
Hancock County Schools Staff Development Website An Introduction to Online Staff Development Registration Copyright © Hancock County Schools 2004.
1 ADP Algebra II End-Of-Course Online Field Test Test Administrator Training September, 2007.
Creating and Using Your FSA ID: An Overview
New Communication Platform of Our Class.
THE SIMPLE GUIDE: COMPLETING AN INJURY/ACCIDENT REPORT For KPBSD Staff Members.
Internet The internet is the largest computer network system in the world. It consists of many smaller networks connected together by a global public.
Professional Licensing Department Services & Processes.
Creating and Using Your FSA ID: An Overview
Creating and Using Your FSA ID: An Overview
How to use the Aleph catalogue?
Tony Sheppard Mobile Guardian
Creating and Using Your FSA ID: An Overview
Make-Up Testing/Undo Student Test Submissions
Our library system IN 7 STEPS.
Creating and Using Your FSA ID: An Overview
17-18 Willmar Public Schools
Outreach & Advertising
Information Governance Support Information Governance Services
Employers/Individuals and Personal Support Workers (PSWs) Transition to Oregon’s new Financial Management Agent Services (FMAS) Filling out necessary.
Using PCM Virtual Class
Employee Self Service Lite Version
Streamline your HR document management processes
Global Grid Forum GridForge
Island Park Schools Parent Portal
SCHOOL MANAGEMENT SOFTWARE
SIMS Reporting Enhancement supporting GDPR
SIMS Reporting Enhancement supporting GDPR
Implementation Specialists Presents
Materials Engineering Product Data Management (ePDM)
Employee Self Service (ESS) Version 2.20.
Appendices Navigating in BearQuest Appendix - 2 Viewing your Requests
Family Engagement Coordinator Meeting July 25, 2018
Online Testing System Assessment Viewing Application (AVA)
COM Orientation The template can be used to create presentations for community, civic, advocacy and government relations groups. It is also appropriate.
Change Management Team
Super Heroes in Training: Budgeting & Purchasing
Online Testing System Assessment Viewing Application (AVA)
SharePoint Administrative Communications Planning: Dynamic User Notifications for Upgrades, Migrations, Testing, … Presented by Robert Freeman (
SIMS Reporting Enhancement supporting GDPR
NOTE TO PRESENTER This presentation provides information on the FSA ID that can be used in outreach to students and parents. The presentation was created.
Introduction to the New SSA OnePoint Online Website
Business Office Manager Training The ACH Process in 7 Steps
Scott Nelson Sr. Coordinator Jane Ivey Accountant
Registration Process for new messages
2-1-1 Automated Verifications
Online Testing System Assessment Viewing Application (AVA)
Old Dominion University Center for Learning and Teaching Mobile Application.
Carolina Beach Elementary School
“Welcome to M.A.P.S. Advocate Training for 2017 Qualifications” Sponsored by: Westmoreland County Wellness Coordinator Westmoreland County MAPS Enhancers.
Creating and Using Your FSA ID: An Overview
Training tool Admin General Settings
Creating and Using Your FSA ID: An Overview
What is does it mean to be a Title I School?
Creating and Using Your FSA ID: An Overview
Training 101 : Accessing iBoomerang Tools
Creating and Using Your FSA ID: An Overview
Move this to online module slides 11-56
ECM SERVICES Group Stormwater Monitoring Program
Understanding Verification
NAPLAN 2019 Briefing for Test Administrators
Instructions on how to use TeachersOnCall, a Kelly Services Company
What is StudentWeb? In StudentWeb you can access:
What is StudentWeb? In StudentWeb you can access:
A Guide for getting technical help
Presentation transcript:

Privacy by Design Session 6 Data Breaches & Subject Access Requests

Identify Record (form) Assess Notify Mitigate Data Breach

Bavarian IS solution to record breaches: ticket system The importance of reporting data breaches to the DPO with the implemented system was announced via e-mail and is included in the intranet GDPR-pages Staff are familiar with our helpdesk ticket system (already in use for IT or facility support and Purchasing requests) Sub-types for different breaches Digital vs physical breach Several options

Bavarian IS solution to record breaches: ticket system Request details as open field for incident description as per instructions (individualized per sub-type) Required fields to collect information on the data subjects, kind of data and numbers of data sets affected Location, Room and Priority are standard fields from the system

Bavarian IS solution to record breaches: ticket system Backend of ticket system is used for documentation of assessment and further actions Notes for internal DPO qualification Assessment field (to be or not to be reported) Status options were extended with a ‘reported to supervisory authority’ option

Scenario 1 A list of student names and medical data is turned into the office by two students. A teacher was preparing for an upcoming field trip. They printed out the list of students with medical data and it was left at the photocopier. How would you manage a breach like this?

Scenario 2 Administrators request an account to be created for substitute teachers so they can access the attendance tools on the Student Information System. A generic account is created for substitute teachers. One month later, a substitute teacher reports that they have full access to student records and files on the Student Information System. How would you manage a breach like this?

Scenario 3 A teacher is sending an email message to all parents about an upcoming meeting. The teacher collects the names from the school management systems and CCes all parents on the message. How would you manage a breach like this?

Scenario 4 A teacher lends their device to a student so that they can present. The student logs into chrome, the teacher did not log out, and then chrome synchronized the two accounts. How would you manage a breach like this?

Subject Access Request Receive request Confirm request & identity Internal Communication Collation & Exemptions Data released Subject Access Request

Scenario 1 You receive an SAR from a student who is 18 years old. At the end of each term, you mail a report card to the family of each student. This particular student has requested that the report not be mailed and they will collect it personally from the office. How do you process this request?

Scenario 2 You receive a comprehensive SAR from a family that includes data from multiple departments within the school. The request is received the day after the school has closed for a holiday. There are no employees on site. How do you process this request?

Scenario 3 A family has applied to the school but their child’s application is rejected. The family has submitted a SAR for all notes including confidential discussions about their child’s application. How do you process this request?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.