Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.actnow.org.uk Ten things you should know about Data Protection Paul Simpkins Director, Act Now Training Ltd.

Published byGiovanna Meager Modified over 10 years ago

Similar presentations

Presentation on theme: "Www.actnow.org.uk Ten things you should know about Data Protection Paul Simpkins Director, Act Now Training Ltd."— Presentation transcript:

1 www.actnow.org.uk Ten things you should know about Data Protection Paul Simpkins Director, Act Now Training Ltd

2 www.actnow.org.uk 1. Learning the lingo

3 www.actnow.org.uk Definitions Personal Data Data Controller Data Processor Data Subject Notification Subject Access Request

4 www.actnow.org.uk Notification One notification per organisation £35 Tier 1 or £500 Tier 2 250 FTE Criminal Offences Viewable online

5 www.actnow.org.uk 2. Five types of data

6 www.actnow.org.uk Category (a) On Computer CCTV & video DIP Audio Swipe cards & Oysters

7 www.actnow.org.uk Category (b) Intended to be automated

8 www.actnow.org.uk Category (c) Paper or Card Relevant Filing System Structured by reference to individuals Readily Accessible Durant Guidance

9 www.actnow.org.uk Category (d) Medical Records Social work records Housing Records Education Records

10 www.actnow.org.uk Unstructured Data Category (e) data From 2005 Only Public Bodies Some exemptions 2 access regimes to data

11 www.actnow.org.uk 3. Fair, honest & open

12 www.actnow.org.uk Principle 1 Personal data shall be processed fairly and lawfully

13 www.actnow.org.uk Principle 1 The data controller should ensure that the data subject is provided with at least the identity of the data controller the purpose for which data is processed any further information necessary

14 www.actnow.org.uk CCTV signs Clearly visible and Legible Size matters Information Identity of controller Purpose of scheme Details of contact

15 www.actnow.org.uk 4. Can I share data with…?

16 www.actnow.org.uk Partnership Working Central Govt desire for joint working ICO data sharing code of practice Fair Obtaining & Processing – Principle 1 Lawful Gateways Data Sharing Protocols

17 www.actnow.org.uk Lawful Gateways Crime & Disorder Act 1998 Section 115 Anti-terrorism, Crime & Security Act 2001 National Health Services Act 1977 Education Act 1966 s 520 (school nurses) Children Act 2004 s10, 11, 12 (databases) Local Government Act 1972 & 2003 Localism Act 2011

18 www.actnow.org.uk Data Sharing Protocols Purpose Powers to share Partners Processes Public Document

19 www.actnow.org.uk 5. Good Records

20 www.actnow.org.uk Principle 3 Personal data shall be adequate, relevant and not excessive

21 www.actnow.org.uk Principle 4 Personal data shall be accurate and, where necessary, kept up to date.

22 www.actnow.org.uk Principle 5 Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

23 www.actnow.org.uk 6. Read me my rights

24 www.actnow.org.uk Principle 6 1.Subject Access 2.Prevent Processing 3.Direct Marketing 4.Automated Decisions 5.Compensation/Rectification 6.To request an assessment

25 www.actnow.org.uk Subject Access A valid request is Application in writing Proof of identity Fee Some direction

26 www.actnow.org.uk Subject Access Controller must respond promptly In any event within 40 days Starting on the relevant day

27 www.actnow.org.uk Direct Marketing Communication (by whatever means) of any advertising or marketing material which is directed to a particular individual

28 www.actnow.org.uk Computer says no… People can object to an automated decision Some exemptions Once you know… …you can object in writing Controller has 21 days.

29 www.actnow.org.uk 7. Keep your data safe

30 www.actnow.org.uk Principle 7 Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data

31 www.actnow.org.uk Principle 7 Training Policies & Procedures Data security breach policy Civil Monetary Penalties Passwords

32 www.actnow.org.uk Principle 7 Contracts With Data Processors Made or evidenced in writing Processor to act only on Controller’s instructions Controller should check Processor’s Security and Employees

33 www.actnow.org.uk 8. Who’s the daddy?

34 www.actnow.org.uk Enforcement Request for assessment Information Notice Enforcement Notice Prosecution Tribunal Supreme court

35 www.actnow.org.uk Offences Failure to notify or to notify changes Failure to comply with written request Failure to comply with a Notice Unauthorised obtaining/disclosing Procuring a disclosure to another person Unlawful selling Enforced Subject Access

36 www.actnow.org.uk Penalties Undertakings Notices from ICO Prosecution £500K Fines & Jail time Inspect public sector without notice PR disasters

37 www.actnow.org.uk 9. Exemptions

38 www.actnow.org.uk Exemptions S. 28 - National security S. 29 - Crime and taxation S. 30 - Health, education & social work S. 31 - Regulatory activity S. 32 - Journalism, literature & art

39 www.actnow.org.uk Exemptions S. 33 - Research, history & statistics S. 34 - Publicly available by any enactment S. 35 - Required by law/proceedings S. 36 - Domestic purposes

40 www.actnow.org.uk 10. Social Media

41 www.actnow.org.uk Policy or Prosecution? Social Media Policy Disciplinary offence Bringing the organisation into disrepute Preece v Wetherspoons Defamation

42 www.actnow.org.uk Thank you www.actnow.org.uk paul@actnow.org.uk

Download ppt "Www.actnow.org.uk Ten things you should know about Data Protection Paul Simpkins Director, Act Now Training Ltd."

Similar presentations

Data Protection Information Management / Jody McKenzie.

Data Protection Information Management / Jody McKenzie.
BIOMETRICS, CCTV & DATA PROTECTION By Drudeisha Madhub Data Protection Commissioner Date: 09.07.14.

BIOMETRICS, CCTV & DATA PROTECTION By Drudeisha Madhub Data Protection Commissioner Date:
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.

University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.
Data Protection Act 1998. Description The Data Protection Act controls how your personal information can be used and protects from the misuse of your.

Data Protection Act Description The Data Protection Act controls how your personal information can be used and protects from the misuse of your.
Audiences NI Data Protection Workshop

Audiences NI Data Protection Workshop
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview

Data Protection Overview
An overview of the Data Protection Act 1998. Legal framework The Data Protection Act 1998 came into force in March 2001, replacing the Data Protection.

An overview of the Data Protection Act Legal framework The Data Protection Act 1998 came into force in March 2001, replacing the Data Protection.
The Data Protection Act

The Data Protection Act
The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.

The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.
 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.

 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.
Data Protection for Church of Scotland Congregations

Data Protection for Church of Scotland Congregations
CENTRAL SCOTLAND POLICE Data Protection & Information Security Stuart Macfarlane Information Governance Unit Police Service of Scotland.

CENTRAL SCOTLAND POLICE Data Protection & Information Security Stuart Macfarlane Information Governance Unit Police Service of Scotland.
The Information Commissioner’s Office David Evans.

The Information Commissioner’s Office David Evans.
Regulation of Personal Information Daniel Pettitt, Leon Sewell and Matthew Pallot.

Regulation of Personal Information Daniel Pettitt, Leon Sewell and Matthew Pallot.
Health & Social Care Apprenticeships & Diploma

Health & Social Care Apprenticeships & Diploma
Data Protection and You Your Rights & The Law Registration Basics Other Activities Disclaimer: This presentation only provides an introductory info. Please.

Data Protection and You Your Rights & The Law Registration Basics Other Activities Disclaimer: This presentation only provides an introductory info. Please.
The Data Protection Act 1998 The Eight Principles.

The Data Protection Act 1998 The Eight Principles.

Similar presentations

Ads by Google