Information Handling Research Student Induction Day

Slides:

Advertisements

Similar presentations

Data Protection & Privacy in the Information Age COMNET – Legal Frameworks for ICTs Malta 2013 Dr Antonio Ghio Dr Jeanine Rizzo.

Advertisements

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.

The Data Protection (Jersey) Law 2005.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.

Data Protection Overview

Data Protection for Church of Scotland Congregations

Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.

IT Applications Theory Slideshows By Mark Kelly Vceit.com Privacy Laws.

Data Protection for Church of Scotland Congregations.

Data Protection Principles as Basic Foundation for Data Protection in EU/EEA Introduction to Data Protection Theory Seminar - AFIN Stephen.

DATA PROTECTION ACT INTRODUCTION The Data Protection Act 1998 came into force on the 1 st March It is more far reaching than its predecessor,

Data Protection Principles as Basic Foundation for Data Protection in EU/EEA Introduction to Data Protection Theory Seminar - AFIN Stephen.

Sharing Information Legally Lindsay Ould London Borough of Lewisham.

Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.

Protection of Personal Information Act An Analysis on the impact.

Clark Holt Limited (Co. No ), Hardwick House, Prospect Place, Swindon, SN1 3LJ Authorised and regulated by the Solicitors Regulation.

Understanding Privacy An Overview of our Responsibilities.

TRANSBORDER DATA FLOWS INA MEIRING. THE PROTECTION OF PERSONAL INFORMATION ACT (“POPI”) > 'personal information' means information relating to an identifiable,

Understanding Privacy An Overview of our Responsibilities.

Monique Jefferson & Nadine Mather

The future of data protection: General Data Protection Regulation

Processing for archiving purposes in the GDPR

Issues of personal data protection in scientific research

The General Data Protection Regulation act (GDPR)

IT Applications Theory Slideshows

General Data Protection Regulation

General Data Protection Regulations Preparing for the upcoming changes in data protection law David Jones & Angharad Williams.

GDPR Overview Gydeline – October 2017

Data Protection Update – GDPR or bust

General Data Protection Regulation: Turning the black into white

GDPR Overview GDPR - General Data Protection Regulations

GDPR Overview Gydeline – October 2017

The European Union General Data Protection Regulation (GDPR)

GDPR Road map to Compliance.

Data Protection & Freedom of Information- An Introduction

General Data Protection Regulation (GDPR)

GENERAL DATA PROTECTION REGULATION (GDPR)

The Rise of Privacy: Complying with GDPR in the United States

The General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)

New Data Protection Legislation

State of the privacy union

G.D.P.R General Data Protection Regulations

ScHARR Bite Size Research Ethics and GDPR: legal requirements for research - what you need to know.

The GDPR and research data

GDPR Overview and Use Cases.

General Data Protection Regulation

Data Protection principles

Data Protection and You

Preparing for the GDPR - What do we need to do if we process children’s personal data? Data Protection Practitioners’ Conference 2018 #DPPC2018.

Relocation CARNIVAL come one…come all

Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .

Mathew Norman, Policy & Public Affairs Officer, RLA Wales

IMPLICATIONS OF GDPR ROBERT BELL.

GDPR Workshop MEU Symposium Prague 2018

Data Protection in a Tutorial Context

 How does GDPR impact your business? Pro Tip: Pro Tip: Pro Tip:

The General Data Protection Regulation: Are You Ready?

PERSONAL INFORMATION BILL

Welcome IITA Inbound Insider Webinar: An Introduction to GDPR

GDPR – General Data Protection Regulation

Overview of the recommendations regarding approximation of the Law on personal data protection to the new EU General data protection regulation Valerija.

Data Protection for SDS Employers Alison Johnston Lead Policy Officer (Scotland) Information Commissioner’s Office.

General Data Protection Regulation Q & A Session

Dr Elizabeth Lomas The General Data Protection Regulation (GDPR): Changing the data protection landscape Dr Elizabeth Lomas

General Data Protection Regulation (GDPR)

The European Union’s General Data Protection Regulation (GDPR): Overview and Guidance SUNY Office of General Counsel Spring 2019.

ScHARR Bite Size Research Ethics and GDPR: legal requirements for research - what you need to know.

Presentation transcript:

Information Handling Research Student Induction Day

GDPR - Data Protection Act 2018 A new Data Protection Act came into force on May 25th 2018, and is designed to modernise laws that protect the personal information of individuals. It builds upon previous legislation to give us greater control over our data and provides new rights like the right to be informed and the right to be forgotten. It also extends the powers of the Information Commissioner's Office. It requires us to demonstrate (and document) we have considered privacy risks. It also strengthens the requirement for us to have appropriate organisational and technical controls to protect privacy.

Are you a data controller or processor? means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be processed. “data processor” in relation to personal data, means any person (other than an employee of the data controller) who processes the data on behalf of the data controller. “processing” in relation to information or data means obtaining, recording or holding the information or data or carrying out any operation or set of operations on the information or data, including: a) organisation, adaptation or alteration of the information or data, b) retrieval, consultation or use of the information or data, c) disclosure of the information or data by transmission, dissemination or otherwise making available, or d) alignment, combination, blocking, erasure or destruction of the information or data. Joint Controller

What is personal and special category data? Name The following categories of personal data are more private than others for self evident reasons. Race or ethnic origin Political opinions Religious beliefs Trade union membership Health Sexual orientation Genetic data Biometric data Criminal history Address or Location Online identity Personnel profile Income

Why is it relevant to research? Potentially collect and re-use personal data Lawful basis for processing Necessary for a task carried out in the public interest Processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes Safeguards Data Minimisation De-identification: Anonymization and Pseudonymisation Collecting special category data requires obtaining and recording informed consent.

Thinking ahead about the data flow Data Collection Data Collection Data Input / Capture Data Storage Data Safeguarding Data Analysis Data Archiving ? Right to be informed Obtaining consent Data sharing agreements Device encryption Data in transit Data deletion Not outside the EU Approved by City Appropriate access controls Protect privacy Mitigate risk of re-identification Open data sets Secure tools and analysis protocols Controlled access and data sharing Archive period (10 years ?) Use of Figshare Record of information assets

How we hope to help Develop a listing of typical information handling hazards and mitigation strategies. Work with Research and Enterprise to build data protection by design into the existing processes. Help route researchers to the right resources to ensure appropriate technical controls are in place.