General Data Protection Regulation Community Councils

Slides:

Advertisements

Similar presentations

Legal & Regulatory Compliance. Overview What types of information should be included? What issues or problems might there be? What benefits could be obtained?

Advertisements

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.

Data Protection and research Rachael Maguire Records Manager.

The EU General Data Protection Regulation Frank Rankin.

General Data Protection Regulation (EU 2016/679)

The Data Protection Act 1998

The Data Protection Act 1998

Information Management in Government: A Legal Perspective

HIPSSA Project PRESENTATION ON SADC DATA PROTECTION MODEL LAW

General Data Protection Regulations: The Key Changes

Making the Connection ISO Master Class An Overview.

Trevor Ellis Trainee Programmer (1981 – 28 years ago)

Viewing the GDPR Through a De-Identification Lens

Presentation to GTMC on GDPR

General Data Protection Regulation

General Data Protection Regulations Preparing for the upcoming changes in data protection law David Jones & Angharad Williams.

International Regulatory Trends

Museums + Heritage webinar, 30 November 2017

GDPR Readiness Project

The Data Protection Act 1998

Data Protection Update – GDPR or bust

GDPR Road map to Compliance.

Data Protection & Freedom of Information- An Introduction

GENERAL DATA PROTECTION REGULATION (GDPR)

6 Principles of the GDPR and SQL Provision

Introduction to GDPR 09/11/2018.

Managing your Donors and the need for a Stewardship Programme

GDPR and paper records Why it’s not all cyber and fines Gary Shipsey

New Data Protection Legislation

The Data Protection Act & ICT Law

GDPR and Health and Safety

Data Protection Act.

Privacy: a work in progress

G.D.P.R General Data Protection Regulations

The GDPR and research data

Introduction to Records Management, FOI & Data Protection

Data Protection and GDPR – An introduction for Baptist Churches

The new data protection rules

General Data Protection Regulation

Data Protection principles

HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Namibia ICT Ministry and Data Protection Stakeholders.

Data Protection and You

Data Protection in Schools

Unit 1 Effective Communication in Health and Social Care

Identify the laws and guidelines that affect day-to-day use of IT.

Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .

Legal and Ethical Issues

A whistle stop tour of GDPR

Mathew Norman, Policy & Public Affairs Officer, RLA Wales

Information management and communication

GDPR Please don’t panic!

General Data Protection Regulations 2018

General Data Protection Regulations (GDPR) Training

 How does GDPR impact your business? Pro Tip: Pro Tip: Pro Tip:

The General Data Protection Regulation Six months on – What’s changed

Data Protection in Schools

The General Data Protection Regulation: Are You Ready?

Welcome IITA Inbound Insider Webinar: An Introduction to GDPR

#eaThinkData Get Ready for GDPR #eaThinkData.

Privacy and Cyber Security for Payroll Pros: A Global Perspective

Hot Topic 1: GDPR and Traffic Data Systems

What Governors need to know about GDPR

Dr Elizabeth Lomas The General Data Protection Regulation (GDPR): Changing the data protection landscape Dr Elizabeth Lomas

Identify the laws and guidelines that affect day-to-day use of IT.

Legislative Response to Data Inferences

Data Protection What can I do? GDPR Principles General Data Protection

Getting Ready For GDPR Simon Marks Director

GDPR what do we need to do?

Presentation transcript:

General Data Protection Regulation Community Councils Sarah Hughes-Jones Information Compliance Manager

Content Data protection – journey so far Overview of GDPR Data Protection Principles (& what they mean) What you can do

GDPR: Why? Because Data Protection has grown up... Data Protection Act 1984 Data Protection Act 1998 General Data Protection Regulation (GDPR) Provides a governance framework for personal data processing in any format. BUT rules are: pre Internet, pre profiling, pre business globalisation. Related to electronic records, and limited processing activities.

The new world Arrives 25 May 2018 Harmonises data protection across member states Introduces a new privacy framework focussing on accountability i.e. demonstrating compliance Expands the definition of personal data Allows national derogations & UK regulator (ICO) European Data Protection Board Greater enforcement, bigger fines Arrives 25 May 2018

Data Protection Principles Processed fairly and lawfully, and in a transparent manner Collected for specified, explicit and legitimate purposes Adequate, relevant and limited to what is necessary Accurate and, where necessary, kept up to date Kept for no longer than is necessary Processed in a manner that ensures appropriate security

What that means Only use the personal data you access as part of your Community Council role for Community Council business. Tell people why you need their data and what you will do with it. Only collect information you need. If the information might change over time, have a routine (but reasonable) process in place to keep it up to date. e.g. review mailing lists every 3 years. Follow agreed retention rules for the records you manage Have reasonable controls in place to keep personal data secure: use ‘Bcc’ field when appropriate; keep papers secure; understand security arrangements of websites/systems if used to collect/store personal data if sharing personal data with other organisations, document arrangements so everyone knows what to do

What should I do? Agree how your council will handle its records. Don’t Worry! Agree how your council will handle its records. Document your processes so everyone knows them. Keep smiling