introduction to data protection
Download
Skip this Video
Download Presentation
Introduction to Data Protection

Loading in 2 Seconds...

play fullscreen
1 / 28

Introduction to Data Protection - PowerPoint PPT Presentation


  • 120 Views
  • Uploaded on

Introduction to Data Protection. Training prepared by Geoff Webb Information Security & Governance Consultant Data Protection isn’t a choice, it’s the law What all CPH staff must do. Main Points.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Introduction to Data Protection' - hasana


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
introduction to data protection

Introduction to Data Protection

Training prepared by Geoff Webb

Information Security & Governance Consultant

Data Protection isn’t a choice, it’s the law

What all CPH staff must do

DPA Presentation v3

slide2

Main Points

Person Identifiable Data (PID) - the information that would enable a person’s identity to be established

DPA Presentation v3

slide3

Person Identifiable Data (PID)

The term applies to a combination of some of the following data items wherever it/they may appear and irrespective of the name of any data field in which it/they may appear, allowing that patient to be identified:

Name - including last name and any forename or aliases

Address – including any current or past address of residence

Postcode - including any current or past postcode of residence

Telephone number

Date of birth

NHS number

Ethnic category

Local Patient identifier

Hospital Encounter number

Patient pathway identifier

SUS spell ID

Unique booking reference number

Date of death

DPA Presentation v3

slide4

Main Points

Person Identifiable Data (PID) - the information that would enable a person’s identity to be established

Security and confidentiality of PID

DPA Presentation v3

keep it safe don t let someone else have it don t give someone s secrets away

Security and confidentiality of PID

Keep it safe

Don’t let someone else have it

Don’t give someone’s secrets away

DPA Presentation v3

slide6

Security and confidentiality of PID

Why not?

The Data Protection Act is the law that protects us against illegal and inappropriate use of our personal information without our consent, and the same applies to us using the information of others

DPA Presentation v3

slide7

Data Protection Act Principles

Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:

Fairly and lawfully processed

Processed for limited purposes

Adequate, relevant and not excessive

Accurate and up to date

Not kept for longer than is necessary

Processed in line with your rights

Secure 

Not transferred to other countries without adequate protection

DPA Presentation v3

slide8

Main Points

Person Identifiable Data (PID) - the information that would enable a person’s identity to be established

Security and confidentiality of PID

The need to identify individual data subjects

DPA Presentation v3

slide9

The need to identify individuals

Do you really need to know who they are?

If so, they must give informed consent

Anonymisation and Pseudonymisation

DPA Presentation v3

data protection act civil rights freedom of information

Reasons to be careful – part 1

Data Protection Act

Civil Rights

Freedom of Information

DPA Presentation v3

information commissioner s office ico wrath of the ico legal and financial penalties

Reasons to be careful – part 2

Information Commissioner’s Office (ICO)

Wrath of the ICO

Legal and Financial penalties

DPA Presentation v3

slide12

Data Protection Act and the ICO

If we breach any of the DPA Principles, the ICO can impose heavy financial penalties, up to £500,000 a time.

If a person thinks that we are not doing all we should with their personal data they can ask the ICO to investigate. The ICO will arrive unannounced and will carry out a stringent audit on all our processes for handling Personal Data.

DPA Presentation v3

information security maintain confidentiality always keep on the right side of the law

What can you do?

Information Security

Maintain Confidentiality

Always keep on the right side of the law

DPA Presentation v3

electronic data security physical security what to watch out for

Information Security

Electronic data security

Physical security

What to watch out for

DPA Presentation v3

don t gossip

Maintain Confidentiality

Don’t gossip

DPA Presentation v3

slide16

Stay safe online

What’s at risk?

Personal information

Corporate information

DPA Presentation v3

source of risk virus writers email attachments software

Stay safe online

Source of risk?

Virus writers

Email attachments

Software

DPA Presentation v3

types of risk worms trojan horses botnet phishing

Stay safe online

Types of risk?

Worms

Trojan Horses

Botnet

Phishing

DPA Presentation v3

types of risk worms trojan horses botnet phishing1

Stay safe online

Types of risk?

Worms

Trojan Horses

Botnet

Phishing

DPA Presentation v3

types of risk worms trojan horses botnet phishing2

Stay safe online

If you click on My Account Activityyou will go to somewhere quite unexpected

Types of risk?

Worms

Trojan Horses

Botnet

Phishing

DPA Presentation v3

can you avoid the risk

Stay safe online

Can you avoid the risk?

DPA Presentation v3

can you avoid the risk not really

Stay safe online

Can you avoid the risk?

Not really

DPA Presentation v3

can you avoid the risk not really damage limitation

Stay safe online

Can you avoid the risk?

Not really

Damage limitation

DPA Presentation v3

can you avoid the risk not really damage limitation use encryption

Stay safe online

Can you avoid the risk?

Not really

Damage limitation

Use Encryption

DPA Presentation v3

avoid being the risk email protocol using social media follow the rules

Stay safe online

Avoid being the risk

Email protocol

Using social media

Follow the rules

DPA Presentation v3

what if you are targeted spam suspected malware you said something you shouldn t have

Stay safe online

What if you are targeted?

SPAM

Suspected Malware

You said something you shouldn’t have

DPA Presentation v3

what you need to do think before you send don t fall for hoaxes take care with social media

Stay safe online

What you need to do

Think before you Send

Don’t fall for hoaxes

Take care with social media

DPA Presentation v3

slide28

Always keep on the right side of the law

Finally

If a process isn’t intuitive, use a Checklist

Know where the Policies, Procedures and Guidelines are stored

When in doubt, ask!

DPA Presentation v3

ad