1 / 8

Education Update Data Protection

Education Update Data Protection. August 2016. Data Protection Awareness Training. The aims of this session is c onfirm expectations that all staff undergo online (ALDO) Data Protection Course and its contents

chason
Download Presentation

Education Update Data Protection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Education Update Data Protection August 2016

  2. Data Protection Awareness Training The aims of this session is • confirm expectations that all staff undergo online (ALDO) Data Protection Course and its contents • the need for data confidentiality and the implications for a breach of data protection • know and understand the 8 principles of data protection • where to find out more information about data protection and the service contact for enquiries

  3. Data Protection All staff who process personal data are now required to undertake e-Learning Data Protection training available on ALDO.The ALDO Data Protection Awareness Course consists of five modules which can be undertaken as your time permits. The five modules are:1. Terminology - e.g. data subject, data controller, processing, third party, etc.2. The 8 Principles - e.g. Processing must be adequate, relevant and not excessive3. Other Areas of the Act - including subject access, consent, exemptions, etc.4. Contact Information and Useful links - List of Data Protection Service reps and links to Data Protection Home Page on Arcadia, ICO website, etc.5. Multiple Choice tests (30 questions)

  4. Data Protection and implications It is important that all school staff who potentially handle pupil and/or staff personal information are sufficiently aware of the Data Protection Principles of good information handling and that staff do not disclose personal information on other people without their consent. Consequences of breaching the Act If Aberdeenshire Council were to breach any one or more of the Data Protection Principles, the Information Commissioner’s Office could impose a substantial fine of up to £500,000 on Aberdeenshire Council and also require the Council to take specific steps to rectify the breach. This could also result in significant negative publicity for Aberdeenshire Council. There are 8 Data Protection principles and all staff require to be familiar with these.

  5. The 8 Principles • Personal information should be processed lawfully and fairly. Individuals must not be misled or deceived and must be told who is collecting the information (in our case Aberdeenshire Council) • Everything that is done or intended to be done with an individual’s personal information must be specified to them • On collecting information from an individual you must ensure that you do not collect more information than is necessary • On collecting information about an individual, you must ensure the information is accurate, and where necessary up to date

  6. The 8 Principles (continued) 5. Any information you collect about an individual must only be kept for as long as necessary 6. Individuals have a number of rights with regard to information. • Right of subject access – Individuals can write to the council to request a copy of some or all of the information the council holds on them • Right to Prevent Processing for Direct marketing • Right to Rectify, Block, Erase or Destroy information 7. Security – Council must put in place measures to ensure personal information (paper or electronic) is not accidentally lost, destroyed or damaged. Also ensuring no unauthorised use.

  7. The 8 Principles (continued) 8. Personal information should only be passed to other countries which have the equivalent of the Data Protection Act and respect Human Rights. e.g. European Union countries are acceptable but not the United States unless company has safe harbour status.

  8. Further Support/More information • Arcadia Information Security Page • Arcadia Data Protection Home Page • ALDO training course • Scottish Information Commissioner website If you have a Data Protection query, for which you require assistance, please contact your Data Protection Service Representative in the first instance. Data Protection Service reps Education and Children Services: Anne Henderson

More Related