Presentation is loading. Please wait.

Presentation is loading. Please wait.

AIMS To raise awareness of some of the issues To offer advice on solutions To identify what might be considered as ‘best practice’ To launch new Policies.

Published byBrice Pierce Modified over 9 years ago

Similar presentations

Presentation on theme: "AIMS To raise awareness of some of the issues To offer advice on solutions To identify what might be considered as ‘best practice’ To launch new Policies."— Presentation transcript:

1 AIMS To raise awareness of some of the issues To offer advice on solutions To identify what might be considered as ‘best practice’ To launch new Policies and guidelines I was asked to choose a password with at least 8 characters in it ………

2 New Policies Information security management policy Incorporating: –Portable media policy –Reporting Information Security Events Policy –5 point Data Protection Breach Management plan –Remote Access agreement And other guidance documents –New starters / induction procedures –3 rd party access to data –Disposal of redundant equipment

3 Scenario 1 A request for information about a pupil is made by a Police officer relating to an alleged serious offence. The request is made over the phone. Can you give the officer the requested information 1)Over the telephone 2)At all?

4 Scenario 3 Sharing a teacher login on a classroom PC. Is this a Data Protection breach? Sharing a teacher login to SIMS on a classroom PC. Is this a Data Protection breach?

5 Scenario 5 A teacher takes home an unencrypted memory stick containing teaching resources and lesson plans. The teacher loses the memory stick. What are the implications for the school?

6 Scenario 6 A class teacher has written pupil reports and saved them to an unencrypted USB memory stick. The stick is lost on the school premises. What happens next?

7 Scenario 9 A school secretary is asked to fax a list of pupil names, addresses, dates of birth to a travel company hosting a school exchange visit. Is this appropriate? What procedure should be followed?

8 Data Breach Management Plan 1 Fundamental details: Location, Contacts, Incident outline; 2 Containment & Recovery: Recovery plan, Incident response, Damage limitation; 3 Data Risk Assessment: What type of information, How sensitive, Who is affected, Number, Consequences – serious? substantial? potential harm; 4 Notifications Who has been notified and notification evaluations 5 Evaluation/Conclusion Effectiveness of response, investigation, mitigating factors, improvements to risk management This is all about minimising the potential £ine the ICO may levy. 4A 4B 6

Download ppt "AIMS To raise awareness of some of the issues To offer advice on solutions To identify what might be considered as ‘best practice’ To launch new Policies."

Similar presentations

Data Security Breach Code of Practice. Data Security Concerns Exponential growth in personal data holdings Increased outsourcing 3 rd countries cloud.

Data Security Breach Code of Practice. Data Security Concerns Exponential growth in personal data holdings Increased outsourcing 3 rd countries cloud.
Examination of a Privacy Breach

Examination of a Privacy Breach
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Red Flags Rule BAS Forum August 18, 2010. What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.

Red Flags Rule BAS Forum August 18, What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
HITECH ACT Privacy & Security Requirements Cathleen Casagrande Privacy Officer July 23, 2009.

HITECH ACT Privacy & Security Requirements Cathleen Casagrande Privacy Officer July 23, 2009.
HIPAA Regulations What do you need to know?.

HIPAA Regulations What do you need to know?.
© HIPAA Continuity Planners 2012 1 HIPAA Mandates a PLAN! (beyond hardware and software) Presented in Partnership with.

© HIPAA Continuity Planners HIPAA Mandates a PLAN! (beyond hardware and software) Presented in Partnership with.
Information Systems Services Protecting Data – Keeping Safe Kevin Darley, IT Security Co-ordinator 8 th November 2012.

Information Systems Services Protecting Data – Keeping Safe Kevin Darley, IT Security Co-ordinator 8 th November 2012.
Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.

Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.
Walking Through the Breach Notification Process - Beginning to End HIPAA COW Presentation and Panel April 8, 2011.

Walking Through the Breach Notification Process - Beginning to End HIPAA COW Presentation and Panel April 8, 2011.
Finance and Governance Workshop Management of a Data Breach James Webster Hiscox Insurance.

Finance and Governance Workshop Management of a Data Breach James Webster Hiscox Insurance.
Presentation slide 1.1 The government’s vision ‘My vision is one where schools are confidently, successfully and routinely exploiting ICT … By doing so.

Presentation slide 1.1 The government’s vision ‘My vision is one where schools are confidently, successfully and routinely exploiting ICT … By doing so.
ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.

ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.
Wisconsin Knowledge & Concepts Examination (WKCE) Test Security Wisconsin Department of Public Instruction Office of Educational Accountability 06/26/2013.

Wisconsin Knowledge & Concepts Examination (WKCE) Test Security Wisconsin Department of Public Instruction Office of Educational Accountability 06/26/2013.
Business Continuity Check List PageOne. - Why Does Your Business Need A Continuity Checklist? Should the unexpected occur, your business will be able.

Business Continuity Check List PageOne. - Why Does Your Business Need A Continuity Checklist? Should the unexpected occur, your business will be able.
Data Protection Act. Lesson Objectives To understand the data protection act.

Data Protection Act. Lesson Objectives To understand the data protection act.
Information Security Decision- Making Tool What kind of data do I have and how do I protect it appropriately? Continue Information Security decision making.

Information Security Decision- Making Tool What kind of data do I have and how do I protect it appropriately? Continue Information Security decision making.
Practical Information Management

Practical Information Management
Emergency Planning Children and Young People’s Services 17.11.08.

Emergency Planning Children and Young People’s Services

Similar presentations

Ads by Google