1 / 13

Data Protection – sharing i nformation with tenants 6 th November 2013 Scrutiny

Data Protection – sharing i nformation with tenants 6 th November 2013 Scrutiny.net. Yvonne Davies Director, Scrutiny & Empowerment Partners Ltd. For Discussion. Information Commissioner Advice Eight principles What do we share and why? What training is offered?

rayya
Download Presentation

Data Protection – sharing i nformation with tenants 6 th November 2013 Scrutiny

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data Protection – sharing information with tenants6th November 2013Scrutiny.net Yvonne Davies Director, Scrutiny & Empowerment Partners Ltd

  2. For Discussion • Information Commissioner Advice • Eight principles • What do we share and why? • What training is offered? • What do customers sign? www.ico.org.uk/for_organisations/data_protection

  3. Information Commissioner 8 principles

  4. Personal data • Personal data means data which relate to a living individual who can be identified – • (a) from those data, or • (b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller, • and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.

  5. Sensitive personal data • Equality • Mental health or physical condition • Sex life • Trade union • Political opinion • Offence or alleged offence • Court proceedings

  6. Personal data breach A personal data breach means "a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provisions of a public electronic communications service."  Forms from the ICO for reporting

  7. Who is involved? • Data subject • Data controller – the landlord • Data processor Volunteers treated as employees, provided: • Sign a confidentiality statement • Training is expected • Appropriate action is taken on breach • Determine data at risk – give basic info only • Safeguards - security of data • Risk v benefit assessment

  8. Stage one: keep a log • Keep a log of personal data breaches • You must keep a record of all personal data breaches in an inventory or log. It must contain: • the facts surrounding the breach; • the effects of that breach; and • remedial action taken.

  9. Stage two – notify the ICO You must notify the Information Commissioner of any personal data breaches within 24 hours of becoming aware of the essential facts of the breach. This notification must include at least: • your name and contact details • the date and time of the breach (or an estimate) • the date and time you detected it • basic information about the type of breach • basic information about the personal data concerned

  10. Stage three – tell those affected • your name and contact details • the estimated date of the breach • a summary of the incident • the nature and content of the personal data • likely effect on the individual • any measures you have taken to address the breach • how they can mitigate any possible adverse impact of the breach 

  11. Giving Consent • To be valid, consent must be knowingly given, clear and specific. It must involve some form of positive action – for example, ticking a box, clicking an icon, sending an email, or subscribing to a service – and the person must fully understand that they are giving consent.

  12. Tenants as volunteers • What training is offered? • ICO material and general support • New joiners • TOR, CoC, role description and confidentiality agreement • What do customers sign? Data Protection Act – confidentiality statement • What do we share, when and why? Discuss!

  13. Thank-you for listeningQuestions and Discussionwww.tenantadvisor.net yvonne@tenantadvisor.net Tel: 07867 974659 www.tenantadvisor.net/blog

More Related