Presentation is loading. Please wait.

Presentation is loading. Please wait.

Session 12 Information management and security. 1 Contents Part 1: Introduction Part 2: Legal and regulatory responsibilities Part 3: Our Procedures Part.

Published byConrad Black Modified over 8 years ago

Similar presentations

Presentation on theme: "Session 12 Information management and security. 1 Contents Part 1: Introduction Part 2: Legal and regulatory responsibilities Part 3: Our Procedures Part."— Presentation transcript:

1 Session 12 Information management and security

2 1 Contents Part 1: Introduction Part 2: Legal and regulatory responsibilities Part 3: Our Procedures Part 4: IT system management and development Part 5: Failure to comply and reporting breaches Part 6: Summary

3 2 Introduction Part 1

4 3 Introduction The purpose of our policy on information management and security is to: protect against breaches protect information assets and IT facilities support our data protection policy increase awareness of our requirements of information security

5 4 Application of the policy All staff must ensure: information is accurate information is kept confidential data security breaches are reported

6 5 Legal and regulatory responsibilities Part 2

7 6 Legal and regulatory responsibilities Data Protection Act 1998 SRA Code of Practice 2011 confidential and with consent only for authorised purposes adequate, relevant and not excessive not held for longer than necessary client confidentiality disclosure only as required or permitted by law or the client consents

8 7 Our procedures Part 3

9 8 Our procedures Information management Human resources information Access to offices and filesComputers and IT

10 9 Our procedures (cont) Backup of data Communication and transfer Home working International transfer

11 10 IT systems and development Part 4

12 11 How is the IT system managed? Suitably trained staff Authorisation process New system proposed will undergo risk assessments Software and applications are managed daily Staff are not permitted to install any software on their computer or other equipment supplied by the firm without the consent of the IT Manager

13 12 Failure to comply and reporting breaches Part 5

14 Insert company name/logo 13 Failure to comply and reporting breaches Failure to comply: puts both you and the firm at risk may lead to disciplinary action possibly resulting in dismissal An actual or potential breach of policy: should be reported according to the compliance failure policy

15 14 Summary Part 6

16 15 Summary The information and security policy applies to all staff You must comply with the policy when handling different types of information You are obliged to report an actual or potential breach of the information and security policy Failure to comply with the policy may lead to disciplinary action and/or dismissal

17 16 Final comments Any questions? Email to nigel.harper@parfittcresswell.comnigel.harper@parfittcresswell.com Update your training records in Compliance Manager

Download ppt "Session 12 Information management and security. 1 Contents Part 1: Introduction Part 2: Legal and regulatory responsibilities Part 3: Our Procedures Part."

Similar presentations

Legal & Regulatory Compliance. Overview What types of information should be included? What issues or problems might there be? What benefits could be obtained?

Legal & Regulatory Compliance. Overview What types of information should be included? What issues or problems might there be? What benefits could be obtained?
Information Governance An Introduction. Information Governance Outline What is Information Governance What initiatives does IG cover.

Information Governance An Introduction. Information Governance Outline What is Information Governance What initiatives does IG cover.
Unit 4- Assignment 3 P5, P6, M2 BTEC Business Level 3.

Unit 4- Assignment 3 P5, P6, M2 BTEC Business Level 3.
Confidentiality & Records Management. What is Information Governance? What is Records Management?

Confidentiality & Records Management. What is Information Governance? What is Records Management?
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
Training prepared by Geoff Webb Information Security & Governance Consultant Data Protection isn’t a choice, it’s the law What all CPH staff must do 17/07/2013.

Training prepared by Geoff Webb Information Security & Governance Consultant Data Protection isn’t a choice, it’s the law What all CPH staff must do 17/07/2013.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
Higher Administration and IT Administrative Practices.

Higher Administration and IT Administrative Practices.
Health and Safety Legislation

Health and Safety Legislation
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Outsourcing Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

Outsourcing Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.
Property of Common Sense Privacy - all rights reserved 01875340890 THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.
Audiences NI Data Protection Workshop

Audiences NI Data Protection Workshop
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
UNIT 3C Security of Information. SECURITY OF INFORMATION Firms use passwords to prevent unauthorised access to computer files. They should be made up.

UNIT 3C Security of Information. SECURITY OF INFORMATION Firms use passwords to prevent unauthorised access to computer files. They should be made up.
Implementation of Security and Confidentiality in GP Practices.

Implementation of Security and Confidentiality in GP Practices.
Data Protection in Financial Services Are you Seeing the Bigger Picture? 17 September 2008.

Data Protection in Financial Services Are you Seeing the Bigger Picture? 17 September 2008.
Handling information 14 Standard.

Handling information 14 Standard.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Care.Data an ICO Update EMIS National User Group Conference East Midlands Conference Centre Nottingham 3 rd October 2013 Lynne Shackley Lead Policy Officer.

Care.Data an ICO Update EMIS National User Group Conference East Midlands Conference Centre Nottingham 3 rd October 2013 Lynne Shackley Lead Policy Officer.

Similar presentations

Ads by Google