Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Role of the Data Protection Officer Donald Henderson Information Compliance Manager 30 September 2010.

Published byNaomi Warren Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Role of the Data Protection Officer Donald Henderson Information Compliance Manager 30 September 2010."— Presentation transcript:

1 1 Role of the Data Protection Officer Donald Henderson Information Compliance Manager 30 September 2010

2 2 3 January 2016 What is the DPO?  Individual with responsibility for ensuring that the organisation is aware of and acts in compliance with the Data Protection Act 1998  Also Codes of Practice  Other ICO guidance  and best practice

3 3 Functions  Notification  Awareness and training  Subject Access Requests  Fair Processing  Data Processing Agreements  Impact assessments  CCTV  IT systems  Security  Data Breaches  Complaints  Data Sharing

4 4 Subject Access Requests  Individual’s right to see what information a Data Controller holds about them  Verification of identity  Mandates  Collation of information  Third party information  Information that would cause damage or distress  Social Work functions  School pupil records

5 5 Fair Processing  Is all the information necessary?  Is the purpose clear?  What is the person consenting to?  Will the data be shared and, if so, who with?  Does retention need to be made clear?  Any issues with children or capacity to consent?  Is the identity of the Data Controller clear?

6 6 Data Processing Agreements  Processing only to instruction  Compliance with the Act  Explicit approval for sub-contractors  Contractors employees aware of responsibilities  Inspection of processing facilities  Assist with subject access requests  Termination of the agreement  Liability

7 7 Impact Assessments - CCTV  Who is responsible  What’s being recorded and why  Camera locations and coverage  Technical issues  Storage and retention  Operation and management  Fair processing  Human Rights

8 8 IT Systems  Formal and informal assessments  Who is responsible  What’s being stored and why  Access rights and restrictions  Passwords and encryption  Supplier access  Retention and deletion  Publication and public access  Technical vulnerabilities and testing  Data sharing

9 9 Information Security  7 th principle  IT security  Physical security  Procedures  Personnel  Culture

10 10 Data Breaches & Complaints  Has something bad happened  How bad is it  How did it happen  Vulnerabilities  Mitigating actions  Notification  Apologies and rectification

11 11 Data Sharing  Formal agreement  What information is to be shared  Purpose  Use  Access  Security  Retention  Fair processing and consent  Review

12 12 Questions Donald Henderson Tel: 01738 477930 Email: dhenderson@pkc.gov.uk

Download ppt "1 Role of the Data Protection Officer Donald Henderson Information Compliance Manager 30 September 2010."

Similar presentations

DATA PROTECTION and Research University Research Ethics Committee – 30.05.2008 David Cauchi David Cauchi Office of the Commissioner for Data Protection.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.
JEFF WILLIAMS INFORMATION SECURITY OFFICER CALIFORNIA STATE UNIVERSITY, SACRAMENTO Payment Card Industry Data Security Standard (PCI DSS) Compliance.

JEFF WILLIAMS INFORMATION SECURITY OFFICER CALIFORNIA STATE UNIVERSITY, SACRAMENTO Payment Card Industry Data Security Standard (PCI DSS) Compliance.
Confidentiality & Records Management. What is Information Governance? What is Records Management?

Confidentiality & Records Management. What is Information Governance? What is Records Management?
IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.

IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
Www.oaic.gov.au Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
August 9, 2005 UCCSC -- 2005 IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.

August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.
Lecture to Carleton University, Center for European Studies, December 1, 2010.

Lecture to Carleton University, Center for European Studies, December 1, 2010.
Property of Common Sense Privacy - all rights reserved 01875340890 THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.
Audiences NI Data Protection Workshop

Audiences NI Data Protection Workshop
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Keeping on top of the Cloud - Compliance from a Regulator’s Perspective Henry Chang, IT Advisor Office of the Privacy Commissioner for Personal Data, Hong.

Keeping on top of the Cloud - Compliance from a Regulator’s Perspective Henry Chang, IT Advisor Office of the Privacy Commissioner for Personal Data, Hong.
Data Protection for Church of Scotland Congregations

Data Protection for Church of Scotland Congregations
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Designing Smart Cities Conference University of Strathclyde, Glasgow 31 st March 2015 “Regulating Smart Cities: Policing & Privacy” Paul Mackie Chief Executive.

Designing Smart Cities Conference University of Strathclyde, Glasgow 31 st March 2015 “Regulating Smart Cities: Policing & Privacy” Paul Mackie Chief Executive.
EU Data Protection IT Governance view Ger O’Mahony 12 th October 2011.

EU Data Protection IT Governance view Ger O’Mahony 12 th October 2011.
Data Protection for Church of Scotland Congregations.

Data Protection for Church of Scotland Congregations.
Information sharing: the view from the ICO Vicky Cetinkaya, Senior Policy Officer, ICO One Staffordshire Information Sharing Protocol launch event Stafford,

Information sharing: the view from the ICO Vicky Cetinkaya, Senior Policy Officer, ICO One Staffordshire Information Sharing Protocol launch event Stafford,
Data Protection Act 1998. The Data Protection Act (DPA) is a balance between rights of the DATA SUBJECT and obligations of the DATA CONTROLLER DATA CONTROLLER.

Data Protection Act The Data Protection Act (DPA) is a balance between rights of the DATA SUBJECT and obligations of the DATA CONTROLLER DATA CONTROLLER.
7062664 Information Management in Retail: A Legal Perspective Chris Hill Barlow Lyde & Gilbert LLP 17 September 2009.

Information Management in Retail: A Legal Perspective Chris Hill Barlow Lyde & Gilbert LLP 17 September 2009.

Similar presentations

Ads by Google