Presentation is loading. Please wait.

Presentation is loading. Please wait.

Training on Data Protection Roles of the Data Protection Office.

Published bySuzanna Lindsay Sparks Modified over 8 years ago

Similar presentations

Presentation on theme: "Training on Data Protection Roles of the Data Protection Office."— Presentation transcript:

1 Training on Data Protection Roles of the Data Protection Office

2 Contents Registration/Renewal Data Protection Compliance Overall Administration of DPO Audit Security

3 Registration/Renewal  Assist DC in filling application form  Verify all necessary documents submitted  Ensure that all required personal infortion are declared on application form

4 Data Protection Compliance Provide assistance and advice to DCs on the issues of DPA compliance Attends meeting with the DCs on data protection issues Issue enforcement Notices Carry out Security check & audit Role of DPO From enforcer to strategic advisor The role of the regulators towards compliance monitors, educators, liaisons between business and government, and active participants in privacy debates

5 Data Protection Compliance Provide assistance/advice to organisations Attends meeting with the DC on data protection issues Issue enforcement Notices Carry out Security check & audit

6 Overall Administration of DPO -Keep in touch with -Research & -Technology Process files for certificates. Attend queries of the Data Controllers Providing adequate training to staff and Data Controllers regularly -Sensitization -Investigation to complaint

7 Research - Keep in touch with research & emerging Technologies Produce guidelines to help DCs. Project Management & Data Protection Data Security & IT Setting up of a forensic Lab

8 Technology Technology opens the doors to a world of opportunities. – But there are serious privacy risks considerations. Technology developers will need to enshrine privacy in the standards development process using privacy by design approach

9 Auditing 1. Purpose – to obtain a complete picture, as far as possible, of the structure of personal information flows within an organisation so that the appropriate compliance procedures can be put in place to ensure that the organization deals with personal data in accordance with – data protection law, – the general law and – best practices.

10 Auditing 2. Organisation Chart – For large-scale and complex organisations the first stage is to obtain an organizational chart showing the operational, managerial and departmental structure of the organization together with – the names and locations of the personnel who have managerial or – operational responsibility for information within the organisation.

11 Auditing 3. Questionnaires Data protection audit questionnaires should then be sent to each named individual – for completion or – may be used as the basis for face to face interviews.

12 Auditing 4. Analysis of information Once all the questionnaires have been completed the organisation is in a position – to compile a complete diagram of the use of information within the organization which can then form the basis of a review of the organisation's compliance with data protection law and other relevant law. For large-scale and complex organizations, – it is recommended that such audits are carried out annually.

13 Security Security as a core business value A data controller shall – (a) take appropriate security and organisational measures for the prevention of unauthorised access to, alteration of, disclosure of, accidental loss, and destruction of the data in his control; and (b) ensure that the measures provide a level of security appropriate to – – (i) the harm that might result from the unauthorised access to, alteration of, disclosure of, destruction of the data and its accidental loss; and – (ii) the nature of the data concerned.

14 Other related issues Publications & ICT Laws ICTA News Releases Public Notices Tender Notices Events Publications & Reports Guidelines & Decisions Public Consultations ICT Laws Telecommunication Directives Memorandum of Understanding (MOU) Regulations Regulations on ICT Appeal Tribunal

15 Conclusion As the digital ecosystem evolves, regulators and organisations need to open the lines of communication. Together, regulators and organisations need to serve as the stewards of privacy protection

Download ppt "Training on Data Protection Roles of the Data Protection Office."

Similar presentations

Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.

Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.
Tips to a Successful Monitoring Visit

Tips to a Successful Monitoring Visit
Data Security Breach Code of Practice. Data Security Concerns Exponential growth in personal data holdings Increased outsourcing 3 rd countries cloud.

Data Security Breach Code of Practice. Data Security Concerns Exponential growth in personal data holdings Increased outsourcing 3 rd countries cloud.
1 The Data Protection Officer at work Experience, good practices and lessons learnt Pierre Vernhes – former DPO at the Council of the EU Workshop on Data.

1 The Data Protection Officer at work Experience, good practices and lessons learnt Pierre Vernhes – former DPO at the Council of the EU Workshop on Data.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.

USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
RESEARCH COMPLIANCE Agenda 1. No Destruction of local research documents after scanning 2. Training for shipping biological samples/specimens 3. Regulatory.

RESEARCH COMPLIANCE Agenda 1. No Destruction of local research documents after scanning 2. Training for shipping biological samples/specimens 3. Regulatory.
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
Getting data sharing right for every child

Getting data sharing right for every child
ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.

ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.
Data Protection and the GRA. 1. Commentary on Data Protection 2. The GRA’s Role The Register Investigations, Mediation and Compensation Enforcement Notices.

Data Protection and the GRA. 1. Commentary on Data Protection 2. The GRA’s Role The Register Investigations, Mediation and Compensation Enforcement Notices.
E B a n k i n g Information Security Guidelines ABA’s Technology Risk Management – A Strategic Approach Telephone/Webcast Briefing June 17, 2002.

E B a n k i n g Information Security Guidelines ABA’s Technology Risk Management – A Strategic Approach Telephone/Webcast Briefing June 17, 2002.
6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.

6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.
1 Pertemuan 7 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

1 Pertemuan 7 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
Data Management Awareness January 23, 2008 1 University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.

Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.
IS Audit Function Knowledge

IS Audit Function Knowledge
Regulatory Body MODIFIED Day 8 – Lecture 3.

Regulatory Body MODIFIED Day 8 – Lecture 3.
Internal Control and Internal Audit

Internal Control and Internal Audit
Presented By: Donna Denker, CPA Donna Denker & Associates.

Presented By: Donna Denker, CPA Donna Denker & Associates.

Similar presentations

Ads by Google