1 / 17

Data Protection Basics Training for DUS Partners

This training sets out DUS's standards for handling personal data and the importance of data protection. It covers topics such as identifying personal data, the Data Protection Act, subject access requests, email best practices, working securely on the move, storing and using data securely, and potential data breaches.

folks
Download Presentation

Data Protection Basics Training for DUS Partners

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data Protection Basics - training for all DUS Partners, staff, contractors and volunteers.April 2018

  2. Who should take this training? This training sets out DUS’s standards for handling any data that relates to living people, whether they are Customers, Partners, Staff, Volunteers or others. This training should be taken by all DUS Partner’s and staff contractors who access or use personal data, whether this is on paper or electronically.

  3. What is personal data? Personal data is any information that can identify a living person. This will usually be information about our customers, staff and volunteers. It often includes a person’s name, contact details, or email. However, even by removing a person’s name and address it may be possible to tell who they are. This sort of information must also be treated as personal data.

  4. The law is changing The Data Protection Act is being replaced with the General Data Protection Regulation. The new law introduces serious financial penalties for failure to handle people’s data properly – up to 4% of annual turnover. DUS is committed to treating all customers with dignity and respect. This includes the ways in which we handle their information.

  5. How should we handle personal data? The simplest rule is to always treat people’s data the way you would like other organisations to treat yours or your family’s. We must keep people’s data secure. We must be transparent about what we do with people’s data. We must make sure we listen to people when they ask us about what data we hold, or ask us to correct data

  6. Subject Access Requests People have a right to ask for a copy of the data we hold about them. We must respond in full within 30 days. They are entitled to all information we hold, across any department, including paper documents and emails. We must be careful never to release information that could identify another person. If you receive such a request, you must forward it to the dataprotection@dus-ltd.co.ukmailbox for further advice.

  7. Email – dos and don’ts If you are sending an email to a number of external email addresses, you must use BCC and not CC Before sending an email, check the addresses you’re sending it to are correct If sending an attachment, check carefully that you have attached the correct document Before replying to or forwarding an email containing a long discussion, read it carefully and delete any unnecessary information before forwarding.

  8. Working securely on the move Don’t carry paper documents unless necessary – it is more secure to scan and access electronically. If you must carry paper documents, make sure you do not carry more personal data than required. If you are carrying confidential work documents, keep them separate to your laptop. If you use a notebook, remember how easy it is for this to be lost. Minimise the amount of personally identifiable data you keep in it.

  9. Working securely Use a confidential waste bin for paper with information about customers or staff Make sure all customer data that you keep is locked away. Shred any confidential information once used. Black out any Bank details on paper documents that you are storing using a thick black marker Never share or write down. passwords

  10. Storing and using data securely It is very important that personal data is only stored on CRM systems provided by DUS. Do NOT use your personal email account (Hotmail, Gmail, Yahoo, etc) to carry out DUS work. You must use your DUS email address. Always report lost or stolen equipment to IT

  11. Be cautious! Be very careful of any email you receive with a link or attachment. If you don’t recognise the source, it may be at attempt to find out your login details. Never click on an email link or open an attachment unless you’re sure where it came from. Never supply your password or credentials to anyone – either in a form or by phone. Never install any programs without knowing what they are .

  12. Be discreet! You should only reveal information of a confidential nature to someone if you are sure they are entitled to it. Never discuss confidential work matters with friends or family. Be aware of your surroundings when discussing confidential work matters, both in an office and in public.

  13. What sort of things can go wrong? Loss or theft of paperwork (including personal bags with notebooks) Loss or theft of unencrypted device (laptop, personal device, USB stick) Emails containing confidential information sent to wrong person Data posted to the wrong person Failure to use Bcc Failure to redact data properly Verbal disclosure of data Cyber security incidents.

  14. Never use DUS data for your own purposes We provide access to DUS data in order to deliver our services and support our customers. It must NEVER be used for any other reason other than the purpose in which the data was obtained. You must not access data or systems unless you have permission to do so. You must not share data with any party that is not entitled to see it. It is a criminal offence to use customer data for anything other than which it is intended. This is something that DUS takes very seriously.

  15. What should you do if something goes wrong? Keeping DUS data secure is everyone’s responsibility. If you make a mistake or see something that could put data at risk, never ignore it. You must always report the incident to dataprotection@dus-ltd.co.uk

  16. What do I do now? You will be sent an email to confirm that you have taken the training, please respond accordingly. We will keep records of everyone who has taken this training. If you have any questions about Data Protection or the content of this training, you can contact the the Admin Team by emailing: admin@dus-ltd.co.uk

More Related