Data Protection, Freedom of Information and Information/Records Management.

Slides:

Advertisements

Similar presentations

Administrative Systems and the Law What you need to know to produce an oral presentation for Unit 7 When the presentations will take place Resources you.

Advertisements

Records Management and the NHS Code of Practice (Foundation) Information Governance Policy Team NHS Connecting for Health.

Introduction to Information Governance (IG)

Recordkeeping for Good Governance Toolkit

Data Protection Information Management / Jody McKenzie.

Information & Compliance UL University of Limerick & UL employees obliged to comply with certain legislation, including: Freedom of Information.

Confidentiality & Records Management. What is Information Governance? What is Records Management?

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

Data Protection & Freedom of Information The Practical Implications of Data Protection and Freedom of Information Caroline Dominey Data Protection Officer.

Developing a Records & Information Retention & Disposition Program:

Role of the Information Commissioner’s Office 'Promoting public access to official information and protecting your personal information' Christine Johnson.

Duncan Woodhouse – Assistant Registrar for Information Security, Risk Management and Business Continuity Helen Wollerton – Administrative Officer (Legal.

Audiences NI Data Protection Workshop

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

1 25 October EPFL Conference Data Protection in Intergovernmental Organizations Workshop 7 February 2013 K. Ernst S. Lüders C. Viala.

Clear Out Your Records: Policy and Planning Records Survey Anne Thompson Deputy Records Manager.

 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.

Data Protection for Church of Scotland Congregations

Class 14: Information Governance Jason R. Baron UMD Seminar on Ediscovery LBSC 708X/INFM 708X May 3, 2012.

Practical Information Management

The Information Commissioner’s Office David Evans.

Information Assurance and Information Sharing IMKS Public Sector Forum 7 February 2011 Clare Cowling, Senior Information Governance Adviser Transport for.

Handling information 14 Standard.

Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.

Public rights of access to information Grisilda Ponniah, Corporate Information Governance Manager Mary Elliott, FOI Officer Legal & Democratic Services.

The Data Protection Act 1998 The Eight Principles.

Ecords Management Records Management Paul Smallcombe Records & Information Compliance Manager.

Data Protection: An enabler? David Freeland, Senior Policy Officer 23 October 2014.

Data Protection STFC Presentation to PPD Senior Staff 26/11/2009 FoI/DP team.

Data Protection Act & Freedom of Information Simon Mansell Corporate Governance and Information Team.

Local Government Reform: Incorporating Planning Functions Ken Macdonald Assistant Commissioner (Scotland & Northern Ireland) Information Commissioner’s.

Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.

OPEN UP! Introduction to handling Freedom of Information requests.

Local Government Reform and Compliance with the DPA Ken Macdonald Assistant Commissioner (Scotland & Northern Ireland) Information Commissioner’s Office.

Data Protection Property Management Conference. What’s it got to do with me ? As a member of a management committee responsible for Guiding property you.

Recordkeeping for Good Governance Toolkit Workshop PARBICA 14 Evidence and Memory in the Digital Age.

Managing Records: Good government, Better business. FOI Presentations to Boards & Committees Cayman Islands National Archive November 2008.

SCHOOLS FINANCE OFFICERS MEETINGS Records Management, “Paper-Lite” Environments and Procedures when a school closes Elizabeth Barber.

INFORMATION GOVERNANCE AND CONFIDENTIALITY Information Governance Facilitator.

Data Protection and research Rachael Maguire Records Manager.

University Retention Schedule Training. Introduction to the University Retention Schedule.

What is the Data Protection Act (DPA)? 1998 The Data Protection Act 1998 seeks to strike a balance between the rights of individuals and the sometimes.

The Freedom of Information Act and UCL Compliance Rosamund Cummings UCL FOI Officer

Session 11 Data protection. 1 Contents Part 1: Introduction Part 2: Applicability and responsibility Part 3: Our procedures on data protection Part 4:

DATA PROTECTION AND RUNNING A COMPLIANT PUB WATCH SCHEME Nigel Connor Head of Legal –JD Wetherspoon PLC.

© University of Reading Lee Shailer 06 June 2016 Data Protection the basics.

Can you share? Yes you can!! Angus Council Adult Protection Maureen H Falconer, Senior Policy Officer Information Commissioner’s Office.

Workshop Understanding your responsibilities under the Data Protection Act 1998 and the Freedom of Information Act 2000 Adele Rhodes Girling.

Data protection—training materials [Name and details of speaker]

Data Protection and Freedom of Information. Objectives Describe the main points of the Data Protection Act 1998 and Freedom of Information Act 2000 Illustrate.

General Data Protection Regulation (EU 2016/679)

Data protection and data sharing

UW-Madison Guidelines for Managing the Records of Departing Employees*

Level 2 Diploma in Customer Service

General Data Protection Regulation

Data Protection & Freedom of Information- An Introduction

G.D.P.R General Data Protection Regulations

The new data protection rules

General Data Protection Regulation

Data Protection principles

Data Protection and You

Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .

Data protection and data sharing

General Data Protection Regulations 2018

The General Data Protection Regulation Six months on – What’s changed

Good Spirit School Division

Outlook and Shared Drives

Handling information 14 Standard.

GDPR Workshop – Partnerships for Jewish Schools

GDPR what do we need to do?

Presentation transcript:

Data Protection, Freedom of Information and Information/Records Management

  What is information governance?  According to Gartner:  the specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of information. It includes the processes, roles, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals Information governance

  Complying with  Data Protection Act  Freedom of Information Act  Environmental Information Regulations  Cookies Directive  RIPA  Whatever the EU and the government come up with next What does this mean in practice

  Internal  Information security  Records management  External  Legislation  Guidance from ICO  Case law from the Information Tribunal and other courts  Standards Tools for compliance

  Covers personal information of living individuals  Eight principals – fairness, specified purpose, relevance, accuracy, retention, rights of data subjects, security, transfer outside EEA  Sensitive personal data defined e.g. health  Conditions for processing  Schedule 2 for general  Schedule 3 for sensitive  Subject access requests  Requests for changes to personal information Data Protection Act

  Things we do  Policy coming – some guidance already available  Breach procedure coming – tell us as soon as possible  Transfers outside the School procedure  Embedded in project planning process  When talking to people about their IT projects, remember to raise DP issues if the system will require processing of personal information  Handle subject access requests – sometimes have to contact IT services for this Complying with the DPA

  Respond to requests in 20 working days  Have to be in writing  More than 18 hours work breaches cost limit  Some exemptions available – public interest test, prejudice test, time test  Publication scheme  Datasets – will be required to provide in machine readable format Freedom of Information Act

  Cover environmental information only  Like FoI, must respond in 20 working days  Unlike FoI  Requests can be made verbally  Has exceptions rather than exemptions  All public interest test Environmental Information Regulations

  Records management blurring into information management  Records are evidence of decisions made and action taken – more formal than information  However, more or less treated the same these days  Main issues are:  Finding information, particularly that produced by other staff  Sharing information securely outside shared drives  Disposing of information – particularly electronic Records and information management

  Retention schedules set out how long records/info needs to be kept legally  Fairly easy with paper – box up, send to storage, destroy when reach disposal date or use confidential waste sacks.  Not so easy with electronic  Can use time trigger but when from? Date created? Date last used? What if not used for four years but relates to H&S accidents which need to be kept for 40 years?  Applying time triggers at which level? Document? Folder?  Deletion from systems like SITS – can you even do it or just wait until system is replaced? Latter not good enough for ICO Information disposal

 Any questions?