Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Handling Research Student Induction Day

Published byImogen Pitts Modified over 5 years ago

Similar presentations

Presentation on theme: "Information Handling Research Student Induction Day"— Presentation transcript:

1 Information Handling Research Student Induction Day

2 GDPR - Data Protection Act 2018
A new Data Protection Act came into force on May 25th 2018, and is designed to modernise laws that protect the personal information of individuals. It builds upon previous legislation to give us greater control over our data and provides new rights like the right to be informed and the right to be forgotten. It also extends the powers of the Information Commissioner's Office. It requires us to demonstrate (and document) we have considered privacy risks. It also strengthens the requirement for us to have appropriate organisational and technical controls to protect privacy.

3 Are you a data controller or processor?
means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be processed. “data processor” in relation to personal data, means any person (other than an employee of the data controller) who processes the data on behalf of the data controller. “processing” in relation to information or data means obtaining, recording or holding the information or data or carrying out any operation or set of operations on the information or data, including: a) organisation, adaptation or alteration of the information or data, b) retrieval, consultation or use of the information or data, c) disclosure of the information or data by transmission, dissemination or otherwise making available, or d) alignment, combination, blocking, erasure or destruction of the information or data. Joint Controller

4 What is personal and special category data?
Name The following categories of personal data are more private than others for self evident reasons. Race or ethnic origin Political opinions Religious beliefs Trade union membership Health Sexual orientation Genetic data Biometric data Criminal history Address or Location Online identity Personnel profile Income

5 Why is it relevant to research?
Potentially collect and re-use personal data Lawful basis for processing Necessary for a task carried out in the public interest Processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes Safeguards Data Minimisation De-identification: Anonymization and Pseudonymisation Collecting special category data requires obtaining and recording informed consent.

6 Thinking ahead about the data flow
Data Collection Data Collection Data Input / Capture Data Storage Data Safeguarding Data Analysis Data Archiving ? Right to be informed Obtaining consent Data sharing agreements Device encryption Data in transit Data deletion Not outside the EU Approved by City Appropriate access controls Protect privacy Mitigate risk of re-identification Open data sets Secure tools and analysis protocols Controlled access and data sharing Archive period (10 years ?) Use of Figshare Record of information assets

7 How we hope to help Develop a listing of typical information handling hazards and mitigation strategies. Work with Research and Enterprise to build data protection by design into the existing processes. Help route researchers to the right resources to ensure appropriate technical controls are in place.

Download ppt "Information Handling Research Student Induction Day"

Similar presentations

Data Protection & Privacy in the Information Age COMNET – Legal Frameworks for ICTs Malta 2013 Dr Antonio Ghio Dr Jeanine Rizzo.

Data Protection & Privacy in the Information Age COMNET – Legal Frameworks for ICTs Malta 2013 Dr Antonio Ghio Dr Jeanine Rizzo.
DATA PROTECTION and Research University Research Ethics Committee – 30.05.2008 David Cauchi David Cauchi Office of the Commissioner for Data Protection.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
DATA PROTECTION and Research University Research Ethics Committee – 08.05.2006 David Cauchi Office of the Data Protection Commissioner.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.
Data Protection Overview

Data Protection Overview
Data Protection for Church of Scotland Congregations

Data Protection for Church of Scotland Congregations
Data Protection Corporate training 2012. Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.

Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.
IT Applications Theory Slideshows By Mark Kelly Vceit.com Privacy Laws.

IT Applications Theory Slideshows By Mark Kelly Vceit.com Privacy Laws.
Data Protection for Church of Scotland Congregations.

Data Protection for Church of Scotland Congregations.
Data Protection Principles as Basic Foundation for Data Protection in EU/EEA Introduction to Data Protection Theory Seminar - AFIN 31. 01. 2007 Stephen.

Data Protection Principles as Basic Foundation for Data Protection in EU/EEA Introduction to Data Protection Theory Seminar - AFIN Stephen.
DATA PROTECTION ACT 1998. INTRODUCTION The Data Protection Act 1998 came into force on the 1 st March 2000. It is more far reaching than its predecessor,

DATA PROTECTION ACT INTRODUCTION The Data Protection Act 1998 came into force on the 1 st March It is more far reaching than its predecessor,
Data Protection Principles as Basic Foundation for Data Protection in EU/EEA Introduction to Data Protection Theory Seminar - AFIN 02. 02. 2006 Stephen.

Data Protection Principles as Basic Foundation for Data Protection in EU/EEA Introduction to Data Protection Theory Seminar - AFIN Stephen.
Sharing Information Legally Lindsay Ould London Borough of Lewisham.

Sharing Information Legally Lindsay Ould London Borough of Lewisham.
Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.

Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.
Protection of Personal Information Act An Analysis on the impact.

Protection of Personal Information Act An Analysis on the impact.
Www.clarkholt.com Clark Holt Limited (Co. No. 8774683), Hardwick House, Prospect Place, Swindon, SN1 3LJ Authorised and regulated by the Solicitors Regulation.

Clark Holt Limited (Co. No ), Hardwick House, Prospect Place, Swindon, SN1 3LJ Authorised and regulated by the Solicitors Regulation.
Understanding Privacy An Overview of our Responsibilities.

Understanding Privacy An Overview of our Responsibilities.
TRANSBORDER DATA FLOWS INA MEIRING. THE PROTECTION OF PERSONAL INFORMATION ACT (“POPI”) > 'personal information' means information relating to an identifiable,

TRANSBORDER DATA FLOWS INA MEIRING. THE PROTECTION OF PERSONAL INFORMATION ACT (“POPI”) > 'personal information' means information relating to an identifiable,
Understanding Privacy An Overview of our Responsibilities.

Understanding Privacy An Overview of our Responsibilities.
Monique Jefferson & Nadine Mather

Monique Jefferson & Nadine Mather

Similar presentations

Ads by Google