Presentation is loading. Please wait.

Presentation is loading. Please wait.

FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5.

Published byWesley Morrison Modified over 8 years ago

Similar presentations

Presentation on theme: "FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5."— Presentation transcript:

1 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Control of Information

2 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Who holds information about you? Many organisations hold personal data about you Government School GP/Hospitals Banks/Building Societies. Shops Who else? Personal Information Information about a named or identifiable individual

3 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Rights and obligations These organisations all have legitimate reasons for holding this data but as data holders they have… Legal Obligations These are covered in more detail in 10.9 but in summary the Data Protection Act covers the legal obligations of data holders and the rights of data subjects

4 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Rights of the Data Subject As a data subject you have a legal right of access under the Data Protection Act to data stored about you. This access includes the right to know: What data is stored How it is processed Who has access to it The data controller has up to 40 days to respond to a written request for this information Note: This has been simplified for 10.3 and is covered in more detail in 10.9

5 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Obligations of Data Controllers Holders of personal data (data controllers) have a legal obligation to: Take security measures to safeguard personal data e.g. prevent unlawful access/disclosure Only allow access to data for lawful processing Ensure that data is not passed to third parties without the explicit consent of the data subject

6 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Controlling Access 1 There are a number of security measures that can be taken to safeguard personal data: Careful selection of usernames and passwords Installation of firewalls to prevent external access

7 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Controlling Access 2 Standard procedures e.g. not leaving computers logged in, shredding paper documents, taking care of portable computers The use of encryption for communicating sensitive data Encryption means scrambling the data so that it can only be read be somebody who has the key to unencrypt the data Network tools such as Access Rights (permitted levels of access)

8 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Access Rights 1 Access to specific programs, files or folders on the network Access to databases at file, record or field level Explain the database example using Moodle Access Rights can be used to control:

9 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Access Rights 2 View Modify/Edit Create/Add Delete Data Access rights ensure that staff only have access to the data they need Administrators can use access rights/levels to control staffs’ ability to: Different members of staff in an organisation will have different levels of access.

10 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Paying for Access to Data What does this mean in English? “Understand that the sale of entitlement to access to data may mean paying for a more convenient form of access, the right of which already exists.” AQA specification Some data although available for free may not be in the most useful format. You may therefore be prepared to pay somebody to make it available in a different format e.g. on a searchable CD or summarised into a report.

11 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Paying for Access to Data 2 Original UK census data is available to the public at the Public Records Office at Kew, London. Many amateur genealogists prefer to pay to obtain the data held there in CD or online format

12 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Commercial Value of Data “Understand that files on individuals and on organisations that are non-disclosable have commercial value” AQA specification What does this mean in English? Data has commercial value i.e. organisations can sell your personal data to other organisations. You often grant organisations this right when giving them personal data!

13 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Commercial Value of Data 2 What type of data do organisations buy/sell? Personal & Family Attributes Holiday & Travel Financial Products Fitness & Sporting Activities Newspaper/Magazine Readership Grocery Shopping Preferences Technology Usage Entertainment, Interests & Hobbies Look at this website for a full list of data that can be bought – you might be surprised!website

14 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Commercial Value of Data 3 Why are businesses, advertisers and market research people prepared to pay for access to data? Collecting personal data is costly, time consuming and it can age quickly It can make more financial sense to buy this data from other organisations that have already collected and checked the data

15 FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5 License Revision Use your textbook/Internet sources to make supplementary notes on the control of information under the headings Rights/obligations Access rights/levels Paying for access Commercial value Answer the questions on this worksheet www.fatmax.org/as1/103/control1.doc

Download ppt "FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5."

Similar presentations

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA.

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.

PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.
FERPA 102 Helpful Guide for Administrators, Security Contacts and Support Staff Prepared by the Office of the Registrar Student Records: Institutional.

FERPA 102 Helpful Guide for Administrators, Security Contacts and Support Staff Prepared by the Office of the Registrar Student Records: Institutional.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
Protecting Personal Information Guidance for Business.

Protecting Personal Information Guidance for Business.
Data Protection.

Data Protection.
1.3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge.

1.3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
HEAVEN’S HANDS COMMUNITY SERVICE H.I.P.A.A. What is HIPAA? HIPAA stands for the Health Insurance Portability and Accountability Act, which was passed.

HEAVEN’S HANDS COMMUNITY SERVICE H.I.P.A.A. What is HIPAA? HIPAA stands for the Health Insurance Portability and Accountability Act, which was passed.
1.3 Control of Information In this section you must be able to: Describe the legal rights and obligations on holders of personal data to permit access.

1.3 Control of Information In this section you must be able to: Describe the legal rights and obligations on holders of personal data to permit access.
Data Protection and Records Management

Data Protection and Records Management
Functional areas Retail Business.

Functional areas Retail Business.
Property of Common Sense Privacy - all rights reserved 01875340890 THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.
Data Protection Act.

Data Protection Act.
FatMax 2007. Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5.

FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5.
Audiences NI Data Protection Workshop

Audiences NI Data Protection Workshop
Standards and Guidelines for Web Page Publishing December 9, 2009.

Standards and Guidelines for Web Page Publishing December 9, 2009.
Higher Administration

Higher Administration

Similar presentations

Ads by Google