Introduction to data protection
This presentation is the property of its rightful owner.
Sponsored Links
1 / 28

Introduction to Data Protection PowerPoint PPT Presentation


  • 94 Views
  • Uploaded on
  • Presentation posted in: General

Introduction to Data Protection. Training prepared by Geoff Webb Information Security & Governance Consultant Data Protection isn’t a choice, it’s the law What all CPH staff must do. Main Points.

Download Presentation

Introduction to Data Protection

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Introduction to data protection

Introduction to Data Protection

Training prepared by Geoff Webb

Information Security & Governance Consultant

Data Protection isn’t a choice, it’s the law

What all CPH staff must do

DPA Presentation v3


Introduction to data protection

Main Points

Person Identifiable Data (PID) - the information that would enable a person’s identity to be established

DPA Presentation v3


Introduction to data protection

Person Identifiable Data (PID)

The term applies to a combination of some of the following data items wherever it/they may appear and irrespective of the name of any data field in which it/they may appear, allowing that patient to be identified:

Name - including last name and any forename or aliases

Address – including any current or past address of residence

Postcode - including any current or past postcode of residence

Telephone number

Date of birth

NHS number

Ethnic category

Local Patient identifier

Hospital Encounter number

Patient pathway identifier

SUS spell ID

Unique booking reference number

Date of death

DPA Presentation v3


Introduction to data protection

Main Points

Person Identifiable Data (PID) - the information that would enable a person’s identity to be established

Security and confidentiality of PID

DPA Presentation v3


Keep it safe don t let someone else have it don t give someone s secrets away

  • Security and confidentiality of PID

Keep it safe

Don’t let someone else have it

Don’t give someone’s secrets away

DPA Presentation v3


Introduction to data protection

  • Security and confidentiality of PID

Why not?

The Data Protection Act is the law that protects us against illegal and inappropriate use of our personal information without our consent, and the same applies to us using the information of others

DPA Presentation v3


Introduction to data protection

  • Data Protection Act Principles

Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:

Fairly and lawfully processed

Processed for limited purposes

Adequate, relevant and not excessive

Accurate and up to date

Not kept for longer than is necessary

Processed in line with your rights

Secure 

Not transferred to other countries without adequate protection

DPA Presentation v3


Introduction to data protection

Main Points

Person Identifiable Data (PID) - the information that would enable a person’s identity to be established

Security and confidentiality of PID

The need to identify individual data subjects

DPA Presentation v3


Introduction to data protection

  • The need to identify individuals

Do you really need to know who they are?

If so, they must give informed consent

Anonymisation and Pseudonymisation

DPA Presentation v3


Data protection act civil rights freedom of information

  • Reasons to be careful – part 1

Data Protection Act

Civil Rights

Freedom of Information

DPA Presentation v3


Information commissioner s office ico wrath of the ico legal and financial penalties

  • Reasons to be careful – part 2

Information Commissioner’s Office (ICO)

Wrath of the ICO

Legal and Financial penalties

DPA Presentation v3


Introduction to data protection

  • Data Protection Act and the ICO

If we breach any of the DPA Principles, the ICO can impose heavy financial penalties, up to £500,000 a time.

If a person thinks that we are not doing all we should with their personal data they can ask the ICO to investigate. The ICO will arrive unannounced and will carry out a stringent audit on all our processes for handling Personal Data.

DPA Presentation v3


Information security maintain confidentiality always keep on the right side of the law

  • What can you do?

Information Security

Maintain Confidentiality

Always keep on the right side of the law

DPA Presentation v3


Electronic data security physical security what to watch out for

  • Information Security

Electronic data security

Physical security

What to watch out for

DPA Presentation v3


Don t gossip

  • Maintain Confidentiality

Don’t gossip

DPA Presentation v3


Introduction to data protection

  • Stay safe online

What’s at risk?

Personal information

Corporate information

DPA Presentation v3


Source of risk virus writers email attachments software

  • Stay safe online

Source of risk?

Virus writers

Email attachments

Software

DPA Presentation v3


Types of risk worms trojan horses botnet phishing

  • Stay safe online

Types of risk?

Worms

Trojan Horses

Botnet

Phishing

DPA Presentation v3


Types of risk worms trojan horses botnet phishing1

  • Stay safe online

Types of risk?

Worms

Trojan Horses

Botnet

Phishing

DPA Presentation v3


Types of risk worms trojan horses botnet phishing2

  • Stay safe online

If you click on My Account Activityyou will go to somewhere quite unexpected

Types of risk?

Worms

Trojan Horses

Botnet

Phishing

DPA Presentation v3


Can you avoid the risk

  • Stay safe online

Can you avoid the risk?

DPA Presentation v3


Can you avoid the risk not really

  • Stay safe online

Can you avoid the risk?

Not really

DPA Presentation v3


Can you avoid the risk not really damage limitation

  • Stay safe online

Can you avoid the risk?

Not really

Damage limitation

DPA Presentation v3


Can you avoid the risk not really damage limitation use encryption

  • Stay safe online

Can you avoid the risk?

Not really

Damage limitation

Use Encryption

DPA Presentation v3


Avoid being the risk email protocol using social media follow the rules

  • Stay safe online

Avoid being the risk

Email protocol

Using social media

Follow the rules

DPA Presentation v3


What if you are targeted spam suspected malware you said something you shouldn t have

  • Stay safe online

What if you are targeted?

SPAM

Suspected Malware

You said something you shouldn’t have

DPA Presentation v3


What you need to do think before you send don t fall for hoaxes take care with social media

  • Stay safe online

What you need to do

Think before you Send

Don’t fall for hoaxes

Take care with social media

DPA Presentation v3


Introduction to data protection

  • Always keep on the right side of the law

Finally

If a process isn’t intuitive, use a Checklist

Know where the Policies, Procedures and Guidelines are stored

When in doubt, ask!

DPA Presentation v3


  • Login