Presentation is loading. Please wait.

Presentation is loading. Please wait.

Personal data protection in research projects 20130916.

Published byAgatha Long Modified over 8 years ago

Similar presentations

Presentation on theme: "Personal data protection in research projects 20130916."— Presentation transcript:

1 Personal data protection in research projects 20130916

2 Personal data Personal Data means any data (a) relating directly or indirectly to a living individual; (b) from which it is practicable for the identity of the individual to be directly or indirectly ascertained; and (c) in a form in which access to the processing of the data is practicable.

3 For example, “personal data” can be names, email addresses, telephone numbers, identity card numbers, addresses, or information of any type linked to any personal identifiers gathered for the purposes of research, teaching or staffing/employment-related activities.

4 Data Protection Principles (http://www.pcpd.org.hk/english/ordinance/ordglance1.html) Principle 1: Purpose and manner of collection –This provides for the lawful and fair collection of personal data and sets out the information a data user must give to a data subject when collecting personal data from that subject. Principle 2: Accuracy and duration of retention –This provides that personal data should be accurate, up-to-date and kept no longer than necessary. Principle 3: Use of personal data –This provides that unless the data subject gives consent otherwise personal data should be used for the purposes for which they were collected or a directly related purpose.

5 Principle 4: Security of personal data –This requires appropriate security measures to be applied to personal data (including data in a form in which access to or processing of the data is not practicable). Principle 5: Information to be generally available –This provides for openness by data users about the kinds of personal data they hold and the main purposes for which personal data are used. Principle 6: Access to personal data –This provides for data subjects to have rights of access to and correction of their personal data.

6 Department Data Security Policy Any research project that involves personal data must be reported to the School. The personal data protection protocol must be submitted to and approved by the Data Protection Committee. Personal data must not be stored with the research data. If both personal data and research data must be stored in the same database, prior permission from the Director must be sought. Special security measures will be set up for the designated computers.

7 Personal data must only be accessed by the authorized researchers, designated by the principal investigator of the research project. Personal data in electronic form must be securely protected with a strong encryption algorithm and password. Special security measures will be set up for the designated computers. Those in other forms must be physically locked after use. Electronic personal data must not be stored in any portable storage devices without prior permission from the Director. All personal data must only be stored on the official encrypted portable devices provided by the Department/School, with a strong encryption password.

8 Personal data must not be taken outside the office without prior permission from the Director. Personal data must be securely destroyed immediately after use All media with personal data must always be protected against unauthorized access, and be checked regularly. Any loss of personal data must be reported to the School immediately.

9 Keep your computer up-to-date by applying the most recent security patches (eg Windows Update in Microsoft Windows). No peer-to-peer applications (eg BitTorrent, Foxy) Firewall (eg Microsoft Windows Firewall) Antivirus software (eg Sophos) should be frequently updated (eg daily). Department/School computers To enhance data security:

10 It is the School software policy that only legitimate computer software can be used on School computers –A warning will be given to those staff members who are found to use illegitimate computer software on the School computer. –If the staff member continues to violate the policy, his case will be reported to the university for further action. –All breach incidents will be officially documented.

Download ppt "Personal data protection in research projects 20130916."

Similar presentations

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
DATA PROTECTION and Research University Research Ethics Committee – 30.05.2008 David Cauchi David Cauchi Office of the Commissioner for Data Protection.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.
Privacy and Information Security Training (2006-07) VUMC Privacy Website www.mc.vanderbilt.edu/privacy.

Privacy and Information Security Training ( ) VUMC Privacy Website
Data Security and legal issues Starter :- 5 Minutes Make a list of all the companies and organisations that you believe holds data on you. Write down what.

Data Security and legal issues Starter :- 5 Minutes Make a list of all the companies and organisations that you believe holds data on you. Write down what.
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
CREATED BY: HMIS Security Awareness Approved 1/10/2012 Revised 1/29/2013 Revised 3/15/2013.

CREATED BY: HMIS Security Awareness Approved 1/10/2012 Revised 1/29/2013 Revised 3/15/2013.
1 3. Data Protection and Privacy Reference: Discovering Computers 2003/2004 Course Technology, Thomson Learning Chapter 12 Note: The privacy laws in HK.

1 3. Data Protection and Privacy Reference: Discovering Computers 2003/2004 Course Technology, Thomson Learning Chapter 12 Note: The privacy laws in HK.
1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.

1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.

6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.
Information Security Policies and Standards

Information Security Policies and Standards
1 Pertemuan 7 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

1 Pertemuan 7 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
Duncan Woodhouse – Assistant Registrar for Information Security, Risk Management and Business Continuity Helen Wollerton – Administrative Officer (Legal.

Duncan Woodhouse – Assistant Registrar for Information Security, Risk Management and Business Continuity Helen Wollerton – Administrative Officer (Legal.
DEED WorkForce Center Reception and Resource Area Certification Program Module 2 Unit 1b: WorkForce Center System II Learning Objectives III.

DEED WorkForce Center Reception and Resource Area Certification Program Module 2 Unit 1b: WorkForce Center System II Learning Objectives III.
Personal Data Privacy and The Internet by Stephen Lau Privacy Commissioner for Personal Data, Hong Kong SAR at the Joint Conference of the OECD, HCOPIL,

Personal Data Privacy and The Internet by Stephen Lau Privacy Commissioner for Personal Data, Hong Kong SAR at the Joint Conference of the OECD, HCOPIL,
DATA PROTECTION AND PATIENT CONFIDENTIALITY IN RESEARCH Nic Drew Data Protection Manager University Hospital of Wales  2074 6677  2074 5626 

DATA PROTECTION AND PATIENT CONFIDENTIALITY IN RESEARCH Nic Drew Data Protection Manager University Hospital of Wales   
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Personal Data (Privacy) Ordinance Hong Kong Personal Data (Privacy) Ordinance Hong Kong by Stephen Lau Privacy Commissioner for Personal Data Hong Kong.

Personal Data (Privacy) Ordinance Hong Kong Personal Data (Privacy) Ordinance Hong Kong by Stephen Lau Privacy Commissioner for Personal Data Hong Kong.

Similar presentations

Ads by Google