Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

Published byJulius Grimley Modified over 9 years ago

Similar presentations

Presentation on theme: "Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005."— Presentation transcript:

1 www.dataprotection.gov.je The Data Protection (Jersey) Law 2005

2 www.dataprotection.gov.je The Data Protection (Jersey) Law 2005 A Law to make provision for the regulation of the processing of information relating to individuals including the obtaining, holding and use or disclosure of such information.

3 www.dataprotection.gov.je The Data Protection (Jersey) Law 2005 KEY DEFINITIONS: DATA Means information which is: Automatically processed or Recorded with the intention of being automatically processed or Recorded as part of a relevant filing system

4 www.dataprotection.gov.je The Data Protection (Jersey) Law 2005 KEY DEFINITIONS: Means any set of information relating to individuals to the extent that the set is structured either by reference to individuals, or in such a way that specific information relating to a particular individual is readily accessible. RELEVANT FILING SYSTEM

5 www.dataprotection.gov.je The Data Protection (Jersey) Law 2005 KEY DEFINITIONS: PERSONAL DATA Data which relates to a living individual who can be identified: From those data or From those data and any information which is in the possession of, or is likely to come into the possession of the data controller

6 www.dataprotection.gov.je The Data Protection (Jersey) Law 2005 Racial or ethnic origin Political opinions Religious or other beliefs Trade union membership Physical or mental health Sexual life Offences KEY DEFINITIONS: SENSITIVE PERSONAL DATA

7 www.dataprotection.gov.je The Data Protection (Jersey) Law 2005 includes obtaining, holding and carrying out any operation on the information or data KEY DEFINITIONS: PROCESSING

8 www.dataprotection.gov.je The Data Protection(Jersey)Law 2005 An individual who is the subject of personal data An individual who is the subject of personal data. KEY DEFINITIONS: DATA SUBJECT

9 www.dataprotection.gov.je The Data Protection (Jersey) Law 2005 A A person who (either alone or in common with other persons) determines the purposes for which and the manner in which personal data are, or are to be, processed. KEY DEFINITIONS: DATA CONTROLLER

10 www.dataprotection.gov.je The Data Protection (Jersey) Law 2005 a person (other than an employee) who processes the data on behalf of the data controller KEY DEFINITIONS: DATA PROCESSOR

11 www.dataprotection.gov.je Notification Data controller’s name and address Name and address of representative (if relevant) Description of personal data being processed Description of the purpose of processing Description of intended recipients List of non-EEA countries data may be transferred to Security Statement…

12 www.dataprotection.gov.je Security Statement Questions Are the measures based on an assessment of the risks involved in the processing? Do such measures include: - adopting an information security policy? - taking steps to control physical security? - putting in place controls on access to information? - establishing a business continuity plan? - training staff on security systems & procedures? - detecting & investigating security breaches?

13 www.dataprotection.gov.je The Data Protection (Jersey) Law 2005 There are 8 Data Protection Principles which set enforceable standards for the collection and use of personal data. The Principles

14 www.dataprotection.gov.je The First Principle: Data Protection (Jersey) Law 2005 Personal data shall be processed fairly and lawfully and in particular shall not be processed unless: Schedule 2 is satisfied for all personal data Schedule 3 is satisfied for all sensitive personal data

15 www.dataprotection.gov.je The First Principle (Cont’d): Fairness: The identity of the data controller The purpose(s) for which the data are intended to be processed Any other information which is necessary having regard to the specific circumstances in which the data are, or are to be processed The individual must be informed of:

16 www.dataprotection.gov.je Privacy Policy Statements What information does the site receive and how is it used? Can I choose what information I disclose? Can I choose what information I receive? How can I review, access or change my information? How is my information kept secure? Who has access to my information? What about other companies? Who can I contact if I have a query?

17 www.dataprotection.gov.je The Second Principle: Personal data shall be obtained for only one or more specified and lawful purpose and shall not be further processed in any manner incompatible with that purpose or purposes.

18 www.dataprotection.gov.je The Third Principle: Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.

19 www.dataprotection.gov.je The Fourth Principle: Personal data shall be accurate and, where necessary, kept up to date.

20 www.dataprotection.gov.je The Fifth Principle: Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

21 www.dataprotection.gov.je The Sixth Principle: Personal data shall be processed in accordance with the rights of data subjects under this Law.

22 www.dataprotection.gov.je Individuals Rights Access Correction, erasure, destruction Stop processing Direct marketing Automated decision-making Compensation

23 www.dataprotection.gov.je The Seventh Principle: Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

24 www.dataprotection.gov.je Seventh Principle - Interpretation Appropriateness of measures Reliability of employees Reliability of data processor Contract to cover processing

25 www.dataprotection.gov.je Practical Implementation of the Seventh Principle Clarify responsibilities Assess risks Formulate policy Impose contractual obligations Proactive policy implementation and oversight

26 www.dataprotection.gov.je The Eighth Principle: Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

27 www.dataprotection.gov.je Lessons to learn Get involved early Take the initiative Integrated approach Assess outsourcing options Take a proactive approach Reap the rewards of compliance!

Download ppt "Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005."

Similar presentations

Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.

Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
TEAM 4 Case Study Mauritius: Mrs Nandini Kissoon-Luckputtya

TEAM 4 Case Study Mauritius: Mrs Nandini Kissoon-Luckputtya
Archive, Records Management and Museum Services Confidentiality, Personal Data and the Data Protection Act 1998 Alan R Bell Records Manager and Information.

Archive, Records Management and Museum Services Confidentiality, Personal Data and the Data Protection Act 1998 Alan R Bell Records Manager and Information.
Data Protection.

Data Protection.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
1 Pertemuan 7 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

1 Pertemuan 7 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.

University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.
Training at Ministry of Industry, Commerce and Consumer Protection Presented By: Mrs Dodah Pravina Mr Dookee Padaruth Date : 11 September 2014 Explaining.

Training at Ministry of Industry, Commerce and Consumer Protection Presented By: Mrs Dodah Pravina Mr Dookee Padaruth Date : 11 September 2014 Explaining.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview

Data Protection Overview
The Data Protection Act

The Data Protection Act
 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.

 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.
Data Protection for Church of Scotland Congregations

Data Protection for Church of Scotland Congregations
CENTRAL SCOTLAND POLICE Data Protection & Information Security Stuart Macfarlane Information Governance Unit Police Service of Scotland.

CENTRAL SCOTLAND POLICE Data Protection & Information Security Stuart Macfarlane Information Governance Unit Police Service of Scotland.
The Information Commissioner’s Office David Evans.

The Information Commissioner’s Office David Evans.
EHRs and the European Union – current legislation and future directions. Dr Richard Fitton.

EHRs and the European Union – current legislation and future directions. Dr Richard Fitton.
The Data Protection Act 1998 The Eight Principles.

The Data Protection Act 1998 The Eight Principles.
OCR Nationals Level 3 Unit 3.  To understand how the Data Protection Act 1998 relates to the data you will be collecting, storing and processing  To.

OCR Nationals Level 3 Unit 3.  To understand how the Data Protection Act 1998 relates to the data you will be collecting, storing and processing  To.
Data Protection: An enabler? David Freeland, Senior Policy Officer 23 October 2014.

Data Protection: An enabler? David Freeland, Senior Policy Officer 23 October 2014.

Similar presentations

Ads by Google