Presentation is loading. Please wait.

Presentation is loading. Please wait.

Breach or no breach? Today’s trainer: 1

Published byYahvi Das Modified over 6 years ago

Similar presentations

Presentation on theme: "Breach or no breach? Today’s trainer: 1"— Presentation transcript:

1 Breach or no breach? Today’s trainer: 1
Trainer notes are provided throughout these slides. You can refer to them when presenting. Insert your name here! Today’s trainer: 1

2 What is a data breach? A breach is when Girlguiding personal information is: lost stolen deleted unauthorised sharing of it has taken place (for example, shared with the wrong people). A data breach is an incident or omission that results in a loss, theft, deletion, unauthorised sharing or unauthorised access to personal data. For example, leaving unit health forms on the bus, or letting someone else use your GO account. 2

3 Breach or no breach? – Scenario 1
You accidentally left your bag containing members’ contact details on the bus. Breach or no breach? 3

4 Breach or no breach? You accidentally left your bag containing members’ contact details on the bus. BREACH! Personal data may have got into someone else's hands. Report it. You should also consider contacting the bus company to see if your bag was found and handed in to lost property. 4

5 Breach or no breach? – Scenario 2
You have had your bag stolen with your phone in it, which has the phone numbers for other volunteers. You have password protected your phone. Breach or no breach? 5

6 Breach or no breach? You have had your bag stolen with your phone in it, which has the phone numbers for other volunteers. You have password protected your phone. BREACH! Personal data may have got into someone else's hands even if it has a password. Password protection does help and should be used, but can also be hacked if someone knows what they are doing and are determined. Using your fingerprint as a lock on your phone is a preferable and more secure way to protect it. You may be able to remotely delete all the data on your phone, if you have set up this option on your phone. Report it. 6

7 Breach or no breach? – Scenario 3
You are running an event and, over lunch, have left a pile of handouts and copies of uncompleted worksheets unattended, including the event agenda.  Breach or no breach? 7

8 Breach or no breach? You are running an event and, over lunch, have left a pile of handouts and copies of uncompleted worksheets unattended, including the event agenda.  No breach As long as this does not consist of any personal data, it is not a breach. 8

9 Breach or no breach? – Scenario 4
You have sent some handwritten notes on a safeguarding case in the post to Girlguiding HQ. They haven’t arrived and you suspect they’ve been lost in the post. Breach or no breach? 9

10 Breach or no breach? You have sent some handwritten notes on a safeguarding case in the post to Girlguiding HQ. They haven’t arrived and you suspect they’ve been lost in the post. BREACH! Personal data may have got into someone else's hands. Report it. 10

11 Breach or no breach? – Scenario 5
You’re organising a county awayday and have accidentally sent an containing details on who is attending, as well as their dietary, health and access needs, to everyone attending. Breach or no breach? 11

12 Breach or no breach? You’re organising a county awayday and have accidentally sent an containing details on who is attending, as well as their dietary, health and access needs, to everyone attending. BREACH! Personal data may have got into someone else's hands. Report it. If you can and know how to, try to recall the . 12

13 Breach or no breach? – Scenario 6
At an event you have organised, a member requires first aid and you share their health form with the on-site first aider. Breach or no breach? 13

14 Breach or no breach? At an event you have organised, a member requires first aid and you share their health form with the on-site first aider. No breach In this case, no breach has been made as a named first aider – even for the venue you are using – needs to know anything related to the health of the member, in order to best look after them. 14

15 Breach or no breach? – Scenario 7
A member’s father, who is not a named primary contact, asks you for her whereabouts when she is on a residential, as a family emergency has arisen. You give him this information, so he can contact her.  Breach or no breach? 15

16 Breach or no breach? A member’s father, who is not a named primary contact, asks you for her whereabouts when she is on a residential, as a family emergency has arisen. You give him this information, so he can contact her.  BREACH! How do you know the man who has contacted you is her father? Even if he is, if he is not a named primary contact, you should not be sharing personal information with him. Report it to the data protection officer, who will ascertain if he is her father and handle his request for data. 16

17 Breach or no breach? – Scenario 8
You use a shared account with another volunteer in your region, as you both share a role. Breach or no breach? 17

18 Breach or no breach? You use a shared account with another volunteer in your region, as you both share a role. BREACH! Personal data may have got into someone else's hands who should not have it. Report it. Volunteers should not share accounts. The only exception is if you share an account with a volunteer you share a role with solely to send out non-personal information – for example, ‘Unit closed next Tuesday’. You may not use it to allow responses and, therefore, ing parents/carers, members or volunteers after anything which may involve personal data. 18

19 Breach or no breach? – Scenario 9
At an event, another member of your leadership team needs to look something up on GO, but cannot remember their log-in. You give them yours, so that they can find the information they need. Breach or no breach? 19

20 Breach or no breach? At an event, another member of your leadership team needs to look something up on GO, but cannot remember their log-in. You give them yours, so that they can find the information they need. BREACH! You should never share your GO account details or allow anyone else to access it. Personal data may have got into someone else's hands, which they should not have. Report it. 20

21 Breach or no breach? – Scenario 10
You have been helping with an active safeguarding case. You are stepping down from your role in Girlguiding and therefore ‘hand over’ this information to the volunteer taking on your role. Breach or no breach? 21

22 Breach or no breach? You have been helping with an active safeguarding case. You are stepping down from your role in Girlguiding and therefore ‘hand over’ this information to the volunteer taking on your role. No breach In this case, as you are stepping down from your role and someone else will be picking up your role, it is OK to brief them on the case and what has happened so far. If in doubt about what to pass on, contact the Safeguarding team at HQ. 22

23 Breach or no breach? – Scenario 11
After an event, you destroy all printed documents you had by tearing them in half and then in half again, and putting them in a bin. Breach or no breach? 23

24 Breach or no breach? After an event, you destroy all printed documents you had by tearing them in half and then in half again, and putting them in a bin. BREACH! Personal data may have got into someone else's hands. You should ideally have shredded the documents, but – if not – cut them into small pieces, so it is not possible to put them back together, and deposit them in at least two bins – not all in one bin. Report it. 24

25 Breach or no breach? – Scenario 12
You’ve taken your girls away on a trip. You’ve taken some photos of them doing adventure activities and have posted a few on the unit’s Facebook page so parents/carers can see what the girls are up to. You have not asked for specific permission to do so. Breach or no breach? 25

26 Breach or no breach? You’ve taken your girls away on a trip. You’ve taken some photos of them doing adventure activities and have posted a few on the unit’s Facebook page so parents/carers can see what the girls are up to. You have not asked for specific permission to do so. BREACH! If you have not collected specific permission to use these images from all the girls’ parents/carers (if under 18) in this way, this is a breach. Report it. 26

27 Breach or no breach? – Scenario 13
You are involved in a safeguarding case and get a call to discuss it from a parent/carer when you’re on a train going to work. You have the conversation and realise you may have been heard by members of the public. Breach or no breach? 27

28 Breach or no breach? You are involved in a safeguarding case and get a call to discuss it from a parent/carer when you’re on a train going to work. You have the conversation and realise you may have been heard by members of the public. BREACH! This is a potential breach. It depends what you said, which may have identified who you were talking about. For example, did you say their full name? It is best to contact the Data Protection team to discuss. 28

29 Breach or no breach? – Scenario 14
You have left your unit register at the meeting place on a table. It consists of members’ first and second names, and nothing else. Breach or no breach? 29

30 Breach or no breach? You have left your unit register at the meeting place on a table. It consists of members’ first and second names, and nothing else. No breach This is not a breach as there is no other form of personal data (for example, dates of birth or even the unit’s name, or a Girlguiding logo). The only exception to be aware of would be if the names consisted of any which were unique and, therefore, meant the members might be identified solely by their name. If in doubt, report it. 30

31 What can you do to prevent a breach from happening?
See Top Tips Slides GDPR 007 for lists of top tips. These include: Keep member information in the Membership System (GO). Always keep member information up to date. Only use personal information to support guiding activities. Only download or print personal information when absolutely necessary and use the minimum amount of information required. Destroy/delete personal information as soon as you have finished with it. Keep downloaded information on a device that is password protected. Keep printed information in a secure place. Do not share personal information unless you have the person’s consent – be careful about who you send an to and always use the BCC box. 31

32 Will I be held responsible for any data breach that I may make?
If it was a genuine accident, we understand mistakes happen and we are only human. We will be on hand to support you to rectify the situation.   However, if your actions were deliberate, then you could be in breach of your Volunteer Code of Conduct. We understand that sometimes things go wrong. If you shared data inappropriately deliberately, for example, by not following policies and procedures or selling data on, then that is a breach of the Volunteer Code of Conduct, which may affect your membership. However, if it was a genuine accident – for example, something got stolen or you sent an by mistake to the wrong person, then we will do our best to help you. Our data protection officer will be able to advise you. 32

33 Key messages: Identify a breach – If personal data has been lost/stolen, or shared incorrectly, or if you think it may have been. Report it – As soon as possible, but no longer than 48 hours after the breach. If unsure if something is a breach, report it or , extension 3060). • Explain breaches can lead to personal data being used maliciously and therefore could create big issues. We want to follow good practice and minimise the likelihood of any breaches.   • Explain the key messages for participants to take away from this is to identify a breach and report it. If unsure if something is a breach, participants should err on the side of caution and report it as soon as possible to the data protection officer at Girlguiding HQ by or phone. They will tell you if there is anything else you need to do. 33

Download ppt "Breach or no breach? Today’s trainer: 1"

Similar presentations

Protect Our Students Protect Ourselves

Protect Our Students Protect Ourselves
Are you being a safe and successful digital citizen? E-safety

Are you being a safe and successful digital citizen? E-safety
SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.

SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.
HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)

HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)
Are you being a safe and successful digital citizen?

Are you being a safe and successful digital citizen?
Business Continuity Check List PageOne. - Why Does Your Business Need A Continuity Checklist? Should the unexpected occur, your business will be able.

Business Continuity Check List PageOne. - Why Does Your Business Need A Continuity Checklist? Should the unexpected occur, your business will be able.
Practical Information Management

Practical Information Management
Welcome to the wonderful world of……. E-Mail. A Quick & Easy Guide.  What IS E-mail?  A quick, easy and convenient way to send a letter to friends, family.

Welcome to the wonderful world of……. . A Quick & Easy Guide.  What IS ?  A quick, easy and convenient way to send a letter to friends, family.
Communicating in the Electronic Age Andrea Adkins 4-H Volunteer & Librarian Washington County Find this and more online at tips4hvols.wordpress.com.

Communicating in the Electronic Age Andrea Adkins 4-H Volunteer & Librarian Washington County Find this and more online at tips4hvols.wordpress.com.
FERPA Family Educational Rights and Privacy Act A Tutorial.

FERPA Family Educational Rights and Privacy Act A Tutorial.
YEAR 6’S GUIDE TO STAYING SAFE ON THE INTERNET. CHATTING When you are chatting to people online, try not to give out any personal information about yourself.

YEAR 6’S GUIDE TO STAYING SAFE ON THE INTERNET. CHATTING When you are chatting to people online, try not to give out any personal information about yourself.
To understand how to recognise and avoid potential fraudulent situations To appreciate that being a victim of fraud may affect me emotionally as well.

To understand how to recognise and avoid potential fraudulent situations To appreciate that being a victim of fraud may affect me emotionally as well.
Adult Student Match.

Adult Student Match.
8 – Protecting Data and Security

8 – Protecting Data and Security
Protect Our Students Protect Ourselves

Protect Our Students Protect Ourselves
Unit 5 Understand how to work in partnership

Unit 5 Understand how to work in partnership
A FRUIT AND VEGETABLE PRESCRIPTION PROGRAM

A FRUIT AND VEGETABLE PRESCRIPTION PROGRAM
Digital Footprint November 2016

Digital Footprint November 2016
Invigilating Cambridge exams

Invigilating Cambridge exams
As modern children, we have a huge number of electronic devices available to us. We might use computers, tablets, mobile phones or games consoles; for.

As modern children, we have a huge number of electronic devices available to us. We might use computers, tablets, mobile phones or games consoles; for.

Similar presentations

Ads by Google