Data Protection & Freedom of Information The Practical Implications of Data Protection and Freedom of Information Caroline Dominey Data Protection Officer.
Published byModified over 6 years ago
Presentation on theme: "Data Protection & Freedom of Information The Practical Implications of Data Protection and Freedom of Information Caroline Dominey Data Protection Officer."— Presentation transcript:
Data Protection & Freedom of Information The Practical Implications of Data Protection and Freedom of Information Caroline Dominey Data Protection Officer
Overview Data Protection Act Freedom of Information Act Practical advice on Records Management Q&A
Data Protection Act Rights –Informed of use of personal data –Incorrect personal data corrected –To access personal data –Prevent certain processing Responsibilities –Register with Information Commissioner –Process Personal data legally in line with 8 principles.
The Data Protection Principles 1.Processed fairly & lawfully. 2.Obtained only for specified & lawful purposes & not further processed in a manner incompatible with that purpose. 3.Adequate, relevant & not excessive. 4.Accurate & kept up to date. 5.Shall not be kept for longer than is necessary. 6.Processed in accordance with the rights of data subjects. 7.Protected against accidental loss, destruction or damage. 8.Personal data shall not be transferred outside the European Economic Area unless adequate protection exists.
Freedom of Information Rights –‘Right to know’ Responsibilities –Publication scheme (available at: www.ex.ac.uk/foi ) www.ex.ac.uk/foi –Respond to other requests within 20 working days
Requests for Information Data Protection –Request for personal data –40 calendar days –£10 maximum charge –Data Protection Officer to respond Freedom of Information –Other information –Must be in writing, to any member of staff –20 working days –Exemptions –£450 fee limit –Duty to offer advice and assistance –Bias in favour of disclosure
Records Management (1) 1.Security & Access Confidentiality Data Protection Other Data Security Physical security Restricted access
Records Management (2) 2.Electronic Records E-mails Re-read before sending Use the subject line sensibly Cc & Bcc with care File your e-mail Deletion Version control Shared servers Technology
Records Management (3) 3.Destruction Every copy? Retention Schedule Complete deletion?
Summary Data Protection, FOI and other laws regulate the way in which we manage Information Simple RM practices can save time, energy and money Generally it’s not until something goes wrong that RM becomes an issue.
And finally… www.admin.ex.ac.uk/academic/datapro Caroline Dominey firstname.lastname@example.org Ext: 3033