Presentation is loading. Please wait.

Presentation is loading. Please wait.

Finance and Governance Workshop Data Protection and Information Management 10 June 2014.

Published byEric Chambers Modified over 9 years ago

Similar presentations

Presentation on theme: "Finance and Governance Workshop Data Protection and Information Management 10 June 2014."— Presentation transcript:

1 Finance and Governance Workshop Data Protection and Information Management 10 June 2014

2 Why look after personal data? (1) …Because it's one of your most valuable assets: Increase (and measure) participation Promote good governance Know your stakeholders Bring money into your sport

3 Why look after personal data? (2) …Because it's one of your biggest risks: Increasing regulation (and enforcement) Loss of trust/bad publicity Loss of all the benefits good data management can bring

4 Data Management Priorities for NGBs What are YOUR data protection and data management priorities?

5 Data Management Priorities for NGBs 1. Security: Keeping personal data safe – Data Protection Act 1998 (Principle 7) – Appropriate technical and organisational security measures to protect from loss, misuse or damage – Managing a breach: notification? – Enforcement: monetary penalties of up to £500,000 (for now)

6 Data Management Priorities for NGBs 2. Consents: making personal data work for you – Data Protection Act 1998 (Principle 1) – "Fair and lawful processing": information/consent – Privacy and Electronic Communications Regulations 2003: electronic "direct marketing" – Data protection statements – Privacy Policies

7 Data Management Priorities for NGBs 3. Information requests: how to respond – Data Protection Act 1998: Subject Access Requests Written request for own personal data 40 days to respond Exemptions and limitations A practical response? – Freedom of Information Act 2000

8 Data Management Priorities for NGBs 4. Outsourcing: trusting third parties with data – Data processor = third party processing personal data on NGB's behalf (NGB remains responsible) – Due diligence, written contract (security, control) – No transfer outside the EEA without "adequate protection" (Principle 8) – Data protection issues in "the cloud"

9 Addressing the Issues Cyber/Data is no longer just an IT concern – it is a strategic business risk Poses a tangible threat to the financial stability of your organisation 4 key steps you can take towards effective risk management

10 4 Key Steps Step 1 – Understand and profile your risk  Identify and involve stakeholders – Senior management, IT heads, Marketing, Legal and your Broker  Develop scenarios and assess the likely impact, both operationally and financially  Use impact analysis to create course of action – Treat, Tolerate or Transfer to insurance?

11 4 Key Steps Step 2 – Insurability  Work closely with your broker to determine whether key risks identified are covered by existing insurance arrangements or insurable in the current market  Review policy wordings carefully and seek clarification from insurers  Obtain indicative costs for budgeting

12 4 Key Steps Step 3 – Mitigating Risks  Identify alternative options to reduce risks. For example, limit access points/controls to prevent unauthorised access to systems, implement written policies, review contractual arrangements with third parties  Utilise professional support from insurers  Regularly review and update your risks

13 4 Key Steps Step 4 – Effective Communication  Increase awareness of these new risks through your organisation – safeguarding data is the responsibility of all  Training and competence of new policies and procedures to employees

14 Hindrance into Opportunity Robust data governance provides: Reduced operational costs through leaner data processes and improved efficiencies Consistency across databases resulting in greater insight and innovation from information Confidence in data for faster and better decision making A competitive advantage

Download ppt "Finance and Governance Workshop Data Protection and Information Management 10 June 2014."

Similar presentations

2 1.Client protection principles 2.Principle #6 in practice 3.The client perspective 4.Participant feedback 5.Tools for improving practice 6.Conclusion.

2 1.Client protection principles 2.Principle #6 in practice 3.The client perspective 4.Participant feedback 5.Tools for improving practice 6.Conclusion.
Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.

Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.
Risk Management Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

Risk Management Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.
SEMINAR NAIC/ASSAL/SVS REGULATION & SUPERVISION OF MARKET CONDUCT © 2014 National Association of Insurance Commissioners Overview and Purpose of Market.

SEMINAR NAIC/ASSAL/SVS REGULATION & SUPERVISION OF MARKET CONDUCT © 2014 National Association of Insurance Commissioners Overview and Purpose of Market.
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
Getting data sharing right for every child

Getting data sharing right for every child
ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.

ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.
Professional Behaviour

Professional Behaviour
Developing a Records & Information Retention & Disposition Program:

Developing a Records & Information Retention & Disposition Program:
Www.oaic.gov.au Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
The Australian/New Zealand Standard on Risk Management

The Australian/New Zealand Standard on Risk Management
Challenge Questions How good is our operational management?

Challenge Questions How good is our operational management?
MEANS TO AN END: the OECD Approach for Effective Implementation of Public Procurement Systems Getting really strategic Paulo Magina Head of the Public.

MEANS TO AN END: the OECD Approach for Effective Implementation of Public Procurement Systems Getting really strategic Paulo Magina Head of the Public.
Outsourcing Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

Outsourcing Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.
Information Commissioner’s Office: data protection Judith Jones Senior Policy Officer Strategic Liaison – public security 16 November 2011.

Information Commissioner’s Office: data protection Judith Jones Senior Policy Officer Strategic Liaison – public security 16 November 2011.
For more information visit us at www.hempsons.co.uk Small Charities Coalition Risk management Catherine Rustomji Head of Third Sector North – Hempsons.

For more information visit us at Small Charities Coalition Risk management Catherine Rustomji Head of Third Sector North – Hempsons.
Safeguarding & Protecting Children Tutor Update Day 16 th May 2012.

Safeguarding & Protecting Children Tutor Update Day 16 th May 2012.
Audiences NI Data Protection Workshop

Audiences NI Data Protection Workshop
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview

Data Protection Overview

Similar presentations

Ads by Google