html5-img
1 / 6

Data protection and data sharing

Data protection and data sharing. Victoria Cetinkaya, Senior Policy Officer, Information Commissioner’s Office 29 November 2013, DCLG Really Useful Day for Suppliers. The eight principles of the DPA98. Fair and lawful processing Processed for limited & specified purposes

ianna
Download Presentation

Data protection and data sharing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data protection and data sharing Victoria Cetinkaya, Senior Policy Officer, Information Commissioner’s Office 29 November 2013, DCLG Really Useful Day for Suppliers

  2. The eight principles of the DPA98 • Fair and lawful processing • Processed for limited & specified purposes • Adequate, relevant and not excessive • Accurate and up to date • Not kept for longer than necessary • Processed in line with individuals’ rights • Kept secure – appropriate measures • Not transferred outside the EEA without adequate protection

  3. Access to information - DPA right of subject access - Individuals have a right of access to their personal data held by you - 40 day time limit; maximum fee of £10 can be charged - FOIA right to request information – anyone can request information held by a public authority. This includes local authorities. - 20 working day time limit

  4. Data security Common themes: - loss/theft of unencrypted laptops and memory sticks - insecure disposal of personal data - lost records - information posted, faxed or emailed to the wrong recipient - lack of staff training and proper procedure - insecure websites - remote working

  5. Data sharing: the ICO approach - DPA is not a barrier where information sharing is justified, necessary and proportionate - DPA provides a framework for sharing in a secure, lawful and reasonable way - Limitations and safeguards essential - Vital to get it right with partnerships, multi-agencies, outsourcing - Statutory code

  6. Data sharing - Why do you want to share – purposes - Can you achieve your aims without sharing personal data? - A proportionate approach? - Minimise the data shared - Risks of sharing vs. risks of not sharing - Ask or tell? - Data sharing agreements

More Related