1 / 64

Recording and Data Protection Training 13 th March 2014

This training session will cover good recording practices, legal requirements for data protection, and how to ensure compliance in recording, retention, and storage. Topics include the importance of recording, roles involved, and the principles of data protection.

ealtman
Download Presentation

Recording and Data Protection Training 13 th March 2014

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Recording and Data Protection Training 13th March 2014

  2. Prayer Colette Stevenson

  3. Objectives • To identify what good recording practice is and who is involved in the process • To identify and discuss the legal requirements around data protection • To examine how our practice in recording, retention and storage takes account of these requirements

  4. Key Times • Break- 11:30-11:45 • Lunch 12.30-1.30

  5. Group Work • In each group discuss the following: • Why do we record? • Who is involved in the process? • What are the possible difficulties and problems associated with recording?

  6. Recording provides a structure and clarity to complex information. Enables a history or chronology of safeguarding events to be appropriately logged – assists risk assessment Provides a record of all “significant” contacts and events. Why Record?

  7. Why Record? Aids decision making. Allows Church Authority to identify patterns/behaviour emerging which give rise for concern. Facilitates monitoring and auditing of safeguarding practice Enables Accountability

  8. Roles Involved in Recording Teresa Devlin

  9. Role of the Bishop/Congregational Leader • To be responsible for all safeguarding practices by: • Ensuring that the appropriate safeguarding structures and personnel are in place. • Liaising with the Holy See as appropriate. • Ensuring compliance with canon and civil law. • Upholding the 7 standards in practice and behaviour.

  10. Role of the Designated Liaison Person • Hearing concerns or allegations. • Passing on concerns or allegations to civil authorities and NBSCCCI • Managing the case and all associated documents. • Liaising with the Support Person, Adviser and Bishop/Provincial. • Conducting internal inquiries. • Contributing to upholding the 7 standards in practice and behavior.

  11. Role of the Support Person • Keeping the complainant informed of the process of the case. • Helping direct the complainant to counselling and support. • Recording any meetings or contact they have with the complainant, and reporting to DLP as appropriate. • Upholding the 7 standards in practice and behaviour.

  12. Role of the Adviser • Keeping the respondent informed of the process of the case. • Helping direct the respondent to counselling and support. • Recording any meetings or contact they have with the respondent and reporting to the DLP as appropriate. • Upholding the 7 standards in practice and behaviour.

  13. Complaint received – passed to DL Initial information recorded and passed to DLP Acknowledgment by DLP – information will be passed to civil authorities, if not why not Narrative record Statement from complainant Response by respondent Resource 16 – notification Flow of Information

  14. DLP should take responsibility for managing all records Sets up file Completes narrative accounts Receives reports from Support person and Advisor Roles and responsibilities - Recording

  15. Records meetings and forwards a copy to DLP for file Acts as conduit between complainant and Church Authority Assists in exchange of information Advises Church Authority on needs of complainant Support Person

  16. Appointed to walk the journey with the respondent Meets regularly and records that meetings have taken place – passes this to DLP Represents the needs of the respondent to the Church Authority Adviser

  17. Where risk is assessed and monitoring plan is in place agreement needed on: Who monitors What is recorded How is safety plan reviewed Monitoring role

  18. BREAK

  19. Legal Requirements Niall Moore

  20. 1. Obtain and process information fairly 2. Keep data only for one or more specified and lawful purposes 3. Process data only in ways compatible with the purposes for which it was given 4. Keep it safe and secure Data Protection Principles

  21. 5. Keep it accurate and up to date 6. Ensure it is adequate, relevant and not excessive 7. Retain it no longer than is necessary for the specified purpose 8. Give a copy of his/her personal data to any individual on request Data Protection Principles

  22. A point to remember…. No transfer out of the European Union without safeguards

  23. In each group take one of the principles and discuss: What does the principle mean? How can we test to see if we are compliant? How compliant are you now?

  24. LUNCH

  25. Feedback

  26. Comes from Section 2(1) A of the Acts It requires that individuals are made fully aware of: The identity of the persons collecting To what use the information will be put The people to whom the information will be disclosed Other ways the information may be used Other new ways the information may be used adapted from www.dataprotection.ie Principle 1

  27. Am I compliant? To demonstrate compliance you should be able to answer YES to the following: When people are giving you information: • do they know what information you will keep about them? • do they know the purpose for which you keep and use it? • do they know the people or bodies to whom you disclose or pass it? adapted from www.dataprotection.ie

  28. Comes from Section 2(1)(c)(i) of the Acts It requires that all information is held for the purpose which the data controller outlines in their registry entry statement. adapted from www.dataprotection.ie Principle 2

  29. Am I compliant? To demonstrate compliance you should be able to answer YES to the following: • Do you specify the purpose for which you are collecting and holding information? • Is that purpose lawful? • Can you make a precise statement of that purpose? • Have you a list of data you keep and the purpose for each data set? adapted from www.dataprotection.ie

  30. Comes from Section 2(1)(c)(ii) of the Acts Requires that you only use information for the purpose and that it is not passed to third parties, except in ways that are compatible with the purpose adapted from www.dataprotection.ie Principle 3

  31. Am I compliant? To demonstrate compliance you should be able to answer YES to the following: • Do you use the data in ways consistent with the purpose for which it is kept • Do you disclose the data only in ways consistent with the purpose? adapted from www.dataprotection.ie

  32. Comes from Section 2(1)(d) of the Acts Requires that the security of personal information is regarding as ‘all important’. adapted from www.dataprotection.ie Principle 4

  33. Am I compliant? To demonstrate compliance you should be able to answer YES to the following: • Is access to your computers and manual files restricted to authorised staff only? • Is access to the information restricted on a "need-to-know" basis in accordance with a defined policy? • Are your computer systems password protected? • Is information on screens kept hidden from callers to your offices? • Have you a back-up procedure in operation, including off-site back-up? • Are all waste papers, printouts, etc. disposed of carefully? adapted from www.dataprotection.ie

  34. Comes from Section 2(1)(b) of the Acts You must ensure that the personal information you keep is accurate and up to date. Apart from ensuring compliance with the Acts, you may be liable for individual damages if you fail to observe the correct duty of care. adapted from www.dataprotection.ie Principle 5

  35. Am I compliant? To demonstrate compliance you should be able to answer YES to the following: • Are your clerical and computer procedures adequate to ensure high levels of data accuracy? • Has the general requirement to keep personal data up-to-date been fully examined? • Have appropriate procedures been installed to ensure that each data item is kept up-to-date? adapted from www.dataprotection.ie

  36. Comes from Section 2(1)(c) (iii) of the Acts The data you keep should be enough to enable you to achieve your purpose and no more. adapted from www.dataprotection.ie Principle 6

  37. Am I compliant? To demonstrate compliance you should be able to answer YES to the following: • Is the personal information I hold really necessary for my business? • Am I asking people to provide me with just the information I need, and no more? • Do I have a good reason for asking people sensitive or personal questions? adapted from www.dataprotection.ie

  38. Comes from Section 2(1)(c) (iv) of the Acts Places a responsibility on data controllers to be clear about the length of time for which data is kept and the reason it is retained. adapted from www.dataprotection.ie Principle 7

  39. Am I compliant? To demonstrate compliance you should be able to answer YES to the following: • Is there a defined policy on retention periods for all items of personal data kept? • Are there clerical and computer procedures in place to implement such a policy? • Is information about old cases routinely purged from our systems? adapted from www.dataprotection.ie

  40. Comes from Section 4 of the Acts Individuals can access information if they: Apply in writing Give any details which might be needed to help you identify him or her to locate information you hold Pay a fee no more than 6.95 if you charge one. adapted from www.dataprotection.ie Principle 8

  41. They are entitled to: A copy of data A description of the purpose for which it is held A description of those to whom the data may be disclosed The source of the data unless it is contrary to public interest adapted from www.dataprotection.ie Principle 8 Continued

  42. Am I compliant? To demonstrate compliance you should be able to answer YES to the following: • Do you have a system outlining what you must do when a request to access information comes through? • Can you provide the information in 40 days? adapted from www.dataprotection.ie

  43. How and what do you record? Colette Stevenson

  44. Record concerns, allegations clearly as such and not as fact Put concerns, allegations to subject Record subject’s response Comment upon and evaluate response Ask subject to agree/disagree record? Process of Recording

  45. Dated(contemporaneous) Timed(if necessary) Signed(not just initialed) In chronological order Legible and copy-able (use black pen or, better, type) Not deleted (no Tippex) How to record. Records should be . ..

  46. Knowing how to do it is one thing But knowing what to record is another

  47. If you are clear about what you are supposed to be doing, you are more likely to know what to helpfully record.

  48. We see/hear what we expect to see/hear Selective perception and retention (Un) conscious selection of what we record Motives for selecting what we record? Power of person making the record “It takes effort and determination to see what is in front of one’s face.” (Orwell) . Be as Objective As Possible

  49. Facts Observable behaviours Reported information / Observations Verifiable information Opinions Interpretations Assessments Evaluations Value judgements Distinguish between Fact and Opinions

More Related