Staff Guide to Information Sharing
|
|
- Trevor Brown
- 8 years ago
- Views:
Transcription
1 Central Bedfordshire Council Staff Guide to Information Sharing May 2015 Security Classification: Not Protected
2 Factors to consider before sharing information When deciding whether to enter into an arrangement to share personal data (either as a provider, a recipient or both) you need to identify the objective that it is meant to achieve. You should consider the potential benefits and risks, either to individuals or society, of sharing the data. You should also assess the likely results of not sharing the data. You should ask yourself: What is the sharing meant to achieve? You should have a clear objective, or set of objectives. Being clear about this will allow you to work out what data you need to share and who with. It is good practice to document this. What information needs to be shared? You shouldn t share all the personal data you hold about someone if only certain data items are needed to achieve your objectives. For example, you might need to share somebody s current name and address but not other information you hold about them. Who requires access to the shared personal data? You should employ need to know principles, meaning that other organisations should only have access to your data if they need it, and that only relevant staff within those organisations should have access to the data. This should also address any necessary restrictions on onward sharing of data with third parties. When should it be shared? Again, it is good practice to document this, for example setting out whether the sharing should be an on-going, routine process or whether it should only take place in response to particular events. How should it be shared? This involves addressing the security surrounding the transmission or accessing of the data and establishing common rules for its security. How can we check the sharing is achieving its objectives? You will need to judge whether it is still appropriate and confirm that the safeguards still match the risks.
3 What risk does the data sharing pose? For example, is any individual likely to be damaged by it? Is any individual likely to object? Might it undermine individuals trust in the organisations that keep records about them? Could the objective be achieved without sharing the data or by anonymising it? It is not appropriate to use personal data to plan service provision, for example, where this could be done with information that does not amount to personal data. The flowchart at the end of this guidance should be able to help you further. Sharing of Personal Data Since Central Bedfordshire Council deals with sensitive and personal information, it must comply with the Data Protection Act which regulates the processing of such data (as defined in sections 1 and 2 of the Act). Processing of personal data must comply with the requirements of all eight data protection principles specified within the Act unless an exemption applies. For processing, which consists of disclosing personal data within the UK, the most relevant data protection principles are the first five shown below: Personal data shall be processed fairly and lawfully Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed. Personal data shall be accurate and, where necessary, kept up to date. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes. Myth buster on data protection The Data Protection Act 1998 is not a barrier to sharing information but provides a framework to ensure that personal information is shared appropriately. Data protection law reinforces common sense rules of information handling. It is there to ensure personal information is managed in a sensible way. It helps us strike a balance between the many benefits of public organisations sharing information, and maintaining and strengthening safeguards and privacy of the individual.
4 It also helps us balance the need to preserve a trusted relationship between practitioner and client with the need to share information to benefit and improve the Services provided or, in some instances, protect the public. Seven Golden Rules For Information Sharing Remember that the Data Protection Act is not a barrier to sharing information but provides a framework to ensure that personal information about living persons is shared appropriately. Be open and honest with the person (and/or their family where appropriate) from the outset about why, what, how and with whom information will, or could be shared, and seek their agreement, unless it is unsafe or inappropriate to do so. Seek advice from your Manager or the FOI & Privacy Specialist if you are in any doubt, without disclosing the identity of the person where possible. Share with consent where appropriate and, where possible, respect the wishes of those who do not consent to share confidential information. You may still share information without consent if, in your judgement, that lack of consent can be overridden in the public interest. You will need to base your judgement on the facts of the case. Consider safety and well-being: Base your information sharing decisions on considerations of the safety and well-being of the person and others who may be affected by their actions. Necessary, proportionate, relevant, accurate, timely and secure: Ensure that the information you share is necessary for the purpose for which you are sharing it, is shared only with those people who need to have it, is accurate and up-to-date, is shared in a timely fashion, and is shared securely. Keep a record of your decision and the reasons for it whether it is to share information or not. If you decide to share, then record what you have shared, with whom and for what purpose. What Should an Information Security Agreement Look Like? The Bedfordshire Information Sharing Protocol is an agreement to a set of standards for the sharing of personal information between organisations across Bedfordshire to facilitate the development of information sharing agreements for individual projects that require data and information sharing. You should use this protocol as the basis for your information sharing agreement. It is available on the Information Governance page on the staff intranet. If you are having difficulties, please contact the FOI & Privacy Specialist/Legal Services for assistance.
5 Flowchart of Key Question for Information Sharing You are asked to or wish to share information Is there a clear and legitimate purpose for sharing information? Does the information enable a person to be identified? Is the information confidential? T SURE SEEK ADVICE Do you have consent? YOU CAN SHARE Is there sufficient public interest to share? DO T SHARE Identify how much information to share Distinguish fact from opinion Ensure that you are giving the right information to the right person Ensure you are sharing the information securely Inform all persons that the information has been shared if they were not aware of it. Record the information sharing decision and your reasons in line with information sharing guidance.
Information Sharing: Pocket guide
Information Sharing: Pocket guide This pocket guide This pocket guide is part of the HM Government information sharing guidance package (2008), which aims to support good practice in information sharing
More informationInformation sharing. Advice for practitioners providing safeguarding services to children, young people, parents and carers
Information sharing Advice for practitioners providing safeguarding services to children, young people, parents and carers March 2015 Contents Summary 3 About this government advice 3 Who is this advice
More informationFair Processing of Personal Data - 1... 3. Pupil personal details... 3. Fair Processing of Personal Data - 2... 5. The Local Authority...
Data Protection Act CONTENTS Fair Processing of Personal Data - 1... 3 Pupil personal details... 3 Fair Processing of Personal Data - 2... 5 The Local Authority... 5 The Qualifications and Curriculum Authority...
More informationBexley Safeguarding Children Board. Information Sharing and Secure Document Transfer Guidance
Bexley Safeguarding Children Board Information Sharing and Secure Document Transfer Guidance All professionals who work with children and young people, or with adults who are parents or carers, should
More informationThis document has been archived. Information Sharing: Guidance for practitioners and managers
Information Sharing: Guidance for practitioners and managers I left my parents house when I was about sixteen with my ex-partner and started living on the streets for six months. We went to lots of agencies
More informationSANDYMOOR SCHOOL GUIDANCE ON ACCESS TO STUDENT RECORDS
SANDYMOOR SCHOOL GUIDANCE ON ACCESS TO STUDENT RECORDS 1 Sandymoor School Guidance on Access to Student Records Contents Introduction 3 Government General Principles and Guidelines 3 Approach to Seeking
More information1. Introduction... 3. 2. Statement of Policy. 3. 3. The Eight Principles of Data Protection... 4. 4. Scope... 5. 5. Roles and Responsibilities.
Data Protection Policy 2011 Contents Page 1. Introduction... 3 2. Statement of Policy. 3 3. The Eight Principles of Data Protection...... 4 4. Scope.... 5 5. Roles and Responsibilities. 5 6. Development
More informationData protection compliance checklist
Data protection compliance checklist What is this checklist for? This checklist is drawn up on the basis of analysis of the relevant provisions of European law. Although European law aims at harmonizing
More informationSafeguarding Children Policy (Early Years Child Protection)
Safeguarding Children Policy (Early Years Child Protection) All parents and carers are asked to read this document carefully prior to a child being placed The purpose of this is to keep each child safe
More informationData and Information Sharing Protocol and Agreement for Agencies Working with Children and Young People
Data and Information Sharing Protocol and Agreement for Agencies Working with Children and Young People to March 2014 Growing the right way for a bigger, better Peterborough Contents Executive Summary:
More informationMRS Guidelines for Business-to-Business Research. October 2011
MRS Guidelines for Business-to-Business Research October 2011 Updated September 2014 MRS is the world s largest association for people and organisations that provide or use market, social and opinion research,
More information3. Frequently asked questions about CAF and Lead Professional 3.1 List of Frequently asked Questions 3.2 Frequently Asked Questions and Answers
Contents Overview 1. Common Assessment Framework 1.1 Introduction 1.2 The Doncaster CAF Paperwork 1.3 How we have introduced the CAF in Doncaster 1.4 An overview of the CAF 1.5 Using the CAF in Doncaster:
More informationPRIVACY AND DATA SECURITY MODULE
"This project has been funded under the fourth AAL call, AAL-2011-4. This publication [communication] reflects the views only of the author, and the Commission cannot be held responsible for any use which
More informationBarnet Partnership Information Sharing Protocol
Barnet Partnership Information Sharing Protocol Information Sharing Protocol V1_0C - FINAL Page 1 of 52 Version 1.0 (FINAL) Contents 1 Background... 4 1.1 The need to share information... 4 2 Scope...
More informationData Transfer Policy. Data Transfer Policy London Borough of Barnet
Data Transfer Policy Data Transfer Policy London Borough of Barnet Document Control POLICY NAME Data Transfer Policy Document Description Policy surrounding data transfers (electronic and paper based).
More informationSafeguarding Adults. Your Responsibilities. Categories of Abuse. Your Role as Alerter. Information Sharing. The Mental Capacity Act
Safeguarding Adults Your Responsibilities Categories of Abuse Your Role as Alerter Information Sharing The Mental Capacity Act Assessing Capacity Chart Deprivation of Liberty Pressure Ulcer Staging Prevent
More informationMONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY
MONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY Page 1 of 16 Contents Policy Information 3 Introduction 4 Responsibilities 7 Confidentiality 9 Data recording and storage 11 Subject Access 12 Transparency
More informationINSOLVENCY CODE OF ETHICS
LIST OF CONTENTS INSOLVENCY CODE OF ETHICS Paragraphs Page No. Definitions 2 PART 1 GENERAL APPLICATION OF THE CODE 1-3 Introduction 3 4 Fundamental Principles 3 5-6 Framework Approach 3 7-16 Identification
More informationAccessing Personal Information on Patients and Staff:
Accessing Personal Information on Patients and Staff: A Framework for NHSScotland Purpose: Enabling access to personal and business information is a key part of the NHSScotland Information Assurance Strategy
More informationCode of Conduct for Pre-registration Trainee Pharmacy Technicians
Code of Conduct for Pre-registration Trainee Pharmacy Technicians January 2011 The General Pharmaceutical Council is the regulator for pharmacists, pharmacy technicians and registered pharmacy premises
More informationMerthyr Tydfil County Borough Council. Data Protection Policy
Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the
More informationUNIVERSITY OF SOUTHAMPTON DATA PROTECTION POLICY
UNIVERSITY OF SOUTHAMPTON DATA PROTECTION POLICY 1. Purpose 1.1 The Data Protection Act 1998 ( the Act ) has two principal purposes: i) to regulate the use by those (known as data controllers) who obtain,
More informationEffective from 1 January 2009. Code of Ethics for insolvency practitioners.
INSOLVENCY PRACTITIONERS (PART D) Effective from 1 January 2009. Code of Ethics for insolvency practitioners. On 1 January 2014 a minor change was made to paragraph 400.3 of the code. The change clarifies
More informationData protection. Data sharing code of practice
Data protection Data sharing code of practice Contents 3 Contents 1. Information Commissioner s foreword 4 2. About this code 6 Who should use this code of practice? 7 How the code can help 7 The code
More informationBRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS
BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS Mat Wright www.britishcouncil.org CONTENTS Purpose of the code 1 Scope of the code 1 The British Council s data protection commitment and
More informationDraft guidance for registered pharmacies providing internet and distance sale, supply or service provision
Draft guidance for registered pharmacies providing internet and distance sale, supply or service provision September 2014 1 The General Pharmaceutical Council is the regulator for pharmacists, pharmacy
More informationData Transfer Policy London Borough of Barnet
London Borough of Barnet DATA PROTECTION 11 Document Control Document Description Data Transfer Policy Version v.2 Date Created December 2010 Status Authorisation Name Signature Date Prepared By: IS Checked
More informationSTATEMENT OF ETHICAL PRACTICE
STATEMENT OF ETHICAL PRACTICE Preamble Records and information management (RIM) is the branch of the information professions primarily concerned with the efficient and systematic control of the creation,
More informationInformation Governance Framework. June 2015
Information Governance Framework June 2015 Information Security Framework Janice McNay June 2015 1 Company Thirteen Group Lead Manager Janice McNay Date of Final Draft and Version Number June 2015 Review
More informationInformation Sharing Policy
Information Sharing Policy REFERENCE NUMBER IG 010 / 0v3 February 2013 VERSION V1.0 APPROVING COMMITTEE & DATE Clinical Executive Committee 5.2.13 REVIEW DUE DATE February 2016 West Lancashire CCG is committed
More informationCode of Ethics for Pharmacists and Pharmacy Technicians
Code of Ethics for Pharmacists and Pharmacy Technicians About this document Registration as a pharmacist or pharmacy technician carries obligations as well as privileges. It requires you to: develop and
More informationData Protection Policy
Data Protection Policy April 2014 Author: Jennifer McLaren, Assistant Principal, Curriculum Support & Finance Impact Assessment Date: 15 February 2010 Date: April 2014 Contents 1 Purpose... 2 2 Policy...
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationProfessional Ethics in Liquidation and Insolvency
COE Section 500 Issued February 2012Revised July 2015 Effective on 1 April 2012 Code of Ethics for Professional Accountants Part E Section 500 Professional Ethics in Liquidation and Insolvency SECTION
More informationGuidance Notes for Safeguarding Children and Vulnerable Adults
Guidance Notes for Safeguarding Children and Vulnerable Adults All those who come into contact with children and families in their everyday work have a duty to safeguard and promote the welfare of children
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY DATA PROTECTION POLICY Document Control Information Title Data Protection Policy Version V1.0 Author Diana Watt Date Approved 21 February 2013 Review Date Annually, on the anniversary
More information4374 The Mauritius Government Gazette
4374 The Mauritius Government Gazette General Notice No. 2260 of 2012 THE INSOLVENCY ACT Notice is hereby given that the following Rules governing the performance and conduct of Insolvency Practitioners
More informationInformation Governance
What you should know about Information Governance p2 Information Governance What is Information Governance? You have probably heard of clinical governance, which is a way for organisations and individuals
More informationData Protection Policy
Data Protection Policy Responsible Officer Author Date effective from July 2009 Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date last amended December 2012 Review
More informationNew Ross Credit Union Web Site Statement
Privacy New Ross Credit Union Web Site Statement YOUR PRIVACY IS OUR PRIORITY Credit unions have a history of respecting the privacy of our members. Your Board of Directors has adopted the Credit Union
More informationUNIVERSITY OF ST ANDREWS. EMAIL POLICY November 2005
UNIVERSITY OF ST ANDREWS EMAIL POLICY November 2005 I Introduction 1. Email is an important method of communication for University business, and carries the same weight as paper-based communications. The
More informationPersonal Data Handling and Sharing Policy
Personal Data Handling and Sharing Policy Originator Richard Gibson Date 20 June 2012 Verifier Lynda Oliver Date 20 June 2012 Reviewed Richard Gibson, Lynda Oliver Date July 2013 Contents Page 1. Introduction
More informationInformation Security Adults Services. Practice guidance. Revised Version: 1.2 Effective from: August 2014 Next review date: August 2015
Information Security Adults Services Practice guidance Revised Version: 1.2 Effective from: August 2014 Next review date: August 2015 Sign off: Jenny Daniels Title: Head of Health and Social Care Practice
More informationBusiness Ethics Policy
Business Ethics Policy Page 1 of 12 Preface and document control This document is intended to provide information in respect of G4S Group Head Office policy, procedure, standards or guidance and will be
More informationFlexPlus Current Account Worldwide Emergency Card Assistance
FlexPlus Current Account Worldwide Emergency Card Assistance Welcome to your FlexPlus guide for Worldwide Emergency Card Assistance Within this document you will find key information to help you understand
More informationData Protection Policy
Data Protection Policy Version: 1.0 Date: October 2013 Table of Contents 1 Introduction The need for a Data Protection Policy... 3 2 Scope... 3 3 Principles... 3 4 Staff Roles & Responsibilities... 4 5
More informationReview of compliance. Brico Limited t/a Bluebird Care (Guildford) Bluebird Care (Guildford) South East. Region:
Review of compliance Brico Limited t/a Bluebird Care (Guildford) Bluebird Care (Guildford) Region: Location address: Type of service: South East Unit 15, Westminster Court Hipley Street Old Woking Surrey
More informationData Protection. Policy and Application July 2009
Data Protection Policy and Application July 2009 Produced for staff of the House of Commons Service by the Department of Resources Information Rights and Information Security (IRIS) Service Data Policy:
More informationROEHAMPTON UNIVERSITY DATA PROTECTION POLICY
ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY Originated by: Data Protection Working Group: November 2008 Impact Assessment: (to be confirmed) Recommended by Senate: 28 January 2009 Approved by Council:
More informationATMD Bird & Bird. Singapore Personal Data Protection Policy
ATMD Bird & Bird Singapore Personal Data Protection Policy Contents 1. PURPOSE 1 2. SCOPE 1 3. COMMITMENT TO COMPLY WITH DATA PROTECTION LAWS 1 4. PERSONAL DATA PROTECTION SAFEGUARDS 3 5. ATMDBB EXCEPTIONS:
More informationACT PUBLIC SERVICE MANAGER AND SUPERVISOR GUIDANCE PEOPLE MANAGEMENT AND MENTAL HEALTH
ACT PUBLIC SERVICE MANAGER AND SUPERVISOR GUIDANCE PEOPLE MANAGEMENT AND MENTAL HEALTH PEOPLE MANAGEMENT AND MENTAL HEALTH This guidance has been prepared for ACTPS managers and supervisors to inform
More informationThe Guide to Data Protection. The Guide to Data Protection
The Guide to Data Protection Contents Introduction 1 Key definitions of the Data Protection Act 4 The Data Protection Principles 19 1. Processing personal data fairly and lawfully (Principle 1) 20 2. Processing
More informationData controllers and data processors: what the difference is and what the governance implications are
ICO lo : what the difference is and what the governance implications are Data Protection Act Contents Introduction... 3 Overview... 3 Section 1 - What is the difference between a data controller and a
More informationPublic Health England, an executive agency of the Department of Health ("We") are committed to protecting and respecting your privacy.
PRIVACY POLICY 2015 PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING THIS SITE Public Health England, an executive agency of the Department of Health ("We") are committed to protecting and respecting
More informationAppendix: Norfolk County Council public liability insurance provision for health care procedures
Contents 1. Introduction. 2 2. The role of governing bodies 2 3. Roles and responsibilities 3 4. Developing the school s policy for supporting pupils with medical conditions 6 5. Notification that a pupil
More informationHelix Energy Solutions Group, Inc. Code of Business Conduct and Ethics
Helix Energy Solutions Group, Inc. Code of Business Conduct and Ethics Introduction This Code of Business Conduct and Ethics ( Code ) covers a wide range of business practices and procedures. It does not
More informationThe EDGE 2014 User Conference Information Governance Workshop
The EDGE 2014 User Conference Information Governance Workshop Monday 17 th March 2014 Debbie Terry Agenda What is Information Governance? New developments in legislation Your questions answered Caldicott
More informationAppendix 11 - Swiss Data Protection Act
GLEIF- LOU Restricted Appendix 11 - Swiss Data Protection Act GLEIF Revision Version: 1.0 2015-09-23 Master Copy page 2 of 11 Applicable Provisions of the Swiss Data Protection Act (DPA) including the
More informationDerbyshire Constabulary GUIDANCE ON THE SAFE USE OF THE INTERNET AND SOCIAL MEDIA BY POLICE OFFICERS AND POLICE STAFF POLICY REFERENCE 09/268
Derbyshire Constabulary GUIDANCE ON THE SAFE USE OF THE INTERNET AND SOCIAL MEDIA BY POLICE OFFICERS AND POLICE STAFF POLICY REFERENCE 09/268 This guidance is suitable for Public Disclosure Owner of Doc:
More informationCORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH
CORE SKILLS FRAMEWORK INFORMATION GOVERNANCE LESSON NOTES AND TIPS FOR A SUGGESTED APPROACH These notes are designed to be used in conjunction with the core training PowerPoint slides. The purpose of the
More informationData Protection in Ireland
Data Protection in Ireland 0 Contents Data Protection in Ireland Introduction Page 2 Appointment of a Data Processor Page 2 Security Measures (onus on a data controller) Page 3 8 Principles Page 3 Fair
More informationMRS Guidelines for Online Research. January 2012
MRS Guidelines for Online Research January 2012 MRS is the world s largest association for people and organisations that provide or use market, social and opinion research, business intelligence and customer
More informationPOLICY FRAMEWORK AND STANDARDS INFORMATION SHARING BETWEEN GOVERNMENT AGENCIES
POLICY FRAMEWORK AND STANDARDS INFORMATION SHARING BETWEEN GOVERNMENT AGENCIES January 2003 CONTENTS Page 1. POLICY FRAMEWORK 1.1 Introduction 1 1.2 Policy Statement 1 1.3 Aims of the Policy 1 1.4 Principles
More informationPrinciples of dental team working
www.gdc-uk.org Principles of dental team working General Dental Council Standards Guidance We aim to protect patients promote confidence in dental professionals be at the forefront of healthcare regulation
More informationProposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion
Page 1 sur 155 Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion Legal nature of the instrument Règlement Directive Directly applicable act in internal law 91 articles 34 articles Art.
More informationThe code: Standards of conduct, performance and ethics for nurses and midwives
The code: Standards of conduct, performance and ethics for nurses and midwives We are the nursing and midwifery regulator for England, Wales, Scotland, Northern Ireland and the Islands. We exist to safeguard
More informationCode of Conduct. Property of UKAPA 20/11/2009 1
Code of Conduct A Physician Assistant (now associate) (PA) is defined as someone who is: a new healthcare professional who, while not a doctor, works to the medical model, with the attitudes, skills and
More informationCorporate ICT & Data Management. Data Protection Policy
90 Corporate ICT & Data Management Data Protection Policy Classification: Unclassified Date Created: January 2012 Date Reviewed January Version: 2.0 Author: Owner: Data Protection Policy V2 1 Version Control
More informationWorking Protocol. between the Practitioner Health Programme. and. the National Clinical Assessment Service
Working Protocol between the Practitioner Health Programme and the National Clinical Assessment Service Purpose of this document 1. The purpose of this document is to provide practical guidance on how
More informationRobyn Academy. Code of Professional Conduct for Teachers. Dance & Theatre Arts
Robyn Academy Code of Professional Conduct for Teachers Dance & Theatre Arts Council for Dance Education and Training Recognised Awards Code of Professional Conduct and Practice This is the recommended
More informationThe Code: Standards of conduct, performance and ethics for nurses and midwives
The Code: Standards of conduct, performance and ethics for nurses and midwives We are the nursing and midwifery regulator for England, Wales, Scotland, Northern Ireland and the Islands. We exist to safeguard
More informationData Protection Policy
Data Protection Policy Document Ref: DPA20100608-001 Version: 1.3 Classification: UNCLASSIFIED (IL 0) Status: ISSUED Prepared By: Ian Mason Effective From: 4 th January 2011 Contact: Governance Team ICT
More informationMRS Regulations for Administering Incentives and Free Prize Draws
MRS Regulations for Administering Incentives and Free Prize Draws July 2015 MRS is the world s largest association for people and organisations that provide or use market, social and opinion research,
More informationThe Court of Protection Transparency Pilot
The Court of Protection Transparency Pilot Introduction 1. On January 2016 the Court of Protection will begin a pilot scheme aimed at addressing one of the most controversial of its characteristics- its
More informationSAFETY AND SUSTAINABILITY POLICY
SAFETY AND SUSTAINABILITY POLICY We follow Safety and Environment laws and best practice so we can be the best and be a leader in this area. We want to do all we can to ensure we work safely, protect the
More informationSubject Access Request, Procedure, Guidance and Information
Subject Access Request, Procedure, Guidance and Information Updated: July 2015 Page 1 of 61 CONTENTS 1. Introduction 5 2. Legal Context 5 3. Subject Access Request to Personal Records Guidance 6 Guidance
More informationCouncil of the European Union Brussels, 15 January 2015 (OR. en) NOTE German delegation Working Party on Information Exchange and Data Protection
Council of the European Union Brussels, 15 January 2015 (OR. en) Interinstitutional File: 2012/0011 (COD) 14705/1/14 REV 1 LIMITE DATAPROTECT 146 JAI 802 MI 805 DRS 135 DAPIX 150 FREMP 178 COMIX 568 CODEC
More informationHow To Ensure Your Office Meets The Privacy And Security Requirements Of The Health Insurance Portability And Accountability Act (Hipaa)
HIPAA - Privacy And Security Audit For Provider Practices THIS IS A MODEL AUDIT. IT WILL NEED TO BE CHANGED TO MEET THE PARTICULAR NEEDS AND CIRCUMSTANCES OF ANY TRUSTED SOURCES DEVELOPING AN AUDIT. The
More informationOUR CODE OF ETHICS. June 2013
OUR CODE OF ETHICS. June 2013 OUR CODE OF ETHICS GUIDING PRINCIPLES Ethical behaviour is an integral part of the way we do business. It's crucial that all our stakeholders are able to trust us to treat
More informationData Protection A Guide for Users
Data Protection A Guide for Users EUROPEAN PARLIAMENT Contents Contents 3 Introduction 4 Data protection standards making a difference in the European Parliament 5 Data protection the actors 6 Data protection
More informationASTH416 Develop practices which promote choice, well-being and protection of all individuals
Develop practices which promote choice, well-being and protection of Overview For this unit you will need to develop, maintain and evaluate systems, and support others to promote the rights, responsibilities,
More informationPublic Consultation regarding Data Sharing and Governance Bill. Contribution of Office of the Data Protection Commissioner
Submission of the Office of the Data Protection Commissioner (DPC) on the data-sharing and Governance Bill: - Policy Proposals (dated the 1 st of August 2014) Public Consultation regarding Data Sharing
More informationUnder the Cybersecurity Law, network operators are obligated to consider the following security
On July 6, 2015, the Standing Committee of the National People s Congress (NPCSC) of the People s Republic of China published a draft on Cybersecurity Law. A public comment period on the Cybersecurity
More informationCaedmon College Whitby
Caedmon College Whitby Data Protection and Information Security Policy College Governance Status This policy was re-issued in June 2014 and was adopted by the Governing Body on 26 June 2014. It will be
More information(4) THAMES VALLEY POLICE of Oxford Road, Kidlington, OX5 2NX ("Police Force"),
DATE OF INFORMATION SHARING AGREEMENT JULY 2015 PARTIES (1) LIVE NATION (MUSIC) UK LIMITED (Company Number 02409911) whose registered office is at 2 nd Floor, Regent Arcade House, 19-25 Argyll Street,
More informationMonitoring Employee Communications: Data Protection and Privacy Issues
Monitoring Employee Communications: Data Protection and Privacy Issues By Anthony Sakrouge, Kate Minett, Daniel Preiskel and Jose Saras Reprinted from Computer and Telecommunications Law Review Issue 8,
More informationView the Replay on YouTube. The ICO s take on Information Sharing in the NHS. FairWarning Ready Executive Webinar Series 27 June 2013
View the Replay on YouTube The ICO s take on Information Sharing in the NHS FairWarning Ready Executive Webinar Series 27 June 2013 Today s Panel Dawn Monaghan Group Manager Strategic Liaison ICO UK Dawn.Monaghan@ico.org.uk
More informationAUSTRALIA S NEW PRIVACY LAWS - WHAT LAWYERS NEED TO KNOW ABOUT THEIR OWN PRACTICES
AUSTRALIA S NEW PRIVACY LAWS - WHAT LAWYERS NEED TO KNOW ABOUT THEIR OWN PRACTICES http://www.lawcouncil.asn.au The Privacy Commissioner has welcomed the Law Council s initiative in producing this overview.
More informationQuick guide to the employment practices code
Data protection Quick guide to the employment practices code Ideal for the small business Contents 3 Contents Section 1 About this guidance 4 Section 2 What is the Data Protection Act? 5 Section 3 Recruitment
More informationAlixPartners, LLP. General Data Protection Statement
AlixPartners, LLP General Data Protection Statement GENERAL DATA PROTECTION STATEMENT 1. INTRODUCTION 1.1 AlixPartners, LLP ( AlixPartners ) is committed to fulfilling its obligations under the data protection
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Approval date: June 2014 Approved by: Board Responsible Manager: Executive Director of Resources Next Review June 2016 Data Protection Policy 1. Introduction Data Protection Policy
More informationSMS and Texting - A Guide to the Future
NHS Information Governance: Information Risk Management Guidance: Short Message Service (SMS) & Texting Department of Health Informatics Directorate April 2010 1 Amendment History Version Date Amendment
More informationStandards of conduct, ethics and performance. July 2012
Standards of conduct, ethics and performance July 2012 Reprinted July 2012. The content of this booklet remains the same as the previous September 2010 edition. The General Pharmaceutical Council is the
More informationOffice of the Data Protection Commissioner of The Bahamas. Data Protection (Privacy of Personal Information) Act, 2003. A Guide for Data Controllers
Office of the Data Protection Commissioner of The Bahamas Data Protection (Privacy of Personal Information) Act, 2003 A Guide for Data Controllers 1 Acknowledgement Some of the information contained in
More informationInformation Governance. and what it means for you
Information Governance and what it means for you 1 Content Introduction 3 Who are we? 4 What is Information Governance? 4 Purpose of Holding Information 5 Confidentiality and Security 5 Accuracy of Information
More informationInformation Security Policy. Chapter 12. Asset Management
Information Security Policy Chapter 12 Asset Management Author: Policy & Strategy Team Version: 0.5 Date: April 2008 Version 0.5 Page 1 of 7 Document Control Information Document ID Document title Sefton
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Version 1.3 April 2014 Contents 1 POLICY STATEMENT...2 2 PURPOSE....2 3 LEGAL CONTEXT AND DEFINITIONS...2 3.1 Data Protection Act 1998...2 3.2 Other related legislation.....4 3.3
More informationASPEN AUSTRALIA BRANCH PRIVACY POLICY
ASPEN AUSTRALIA BRANCH PRIVACY POLICY INTRODUCTION This policy applies to the operations of Aspen s Australia branch. Aspen is committed to complying with the principles of the Privacy Act 1988 and accordingly
More informationSOCIAL MEDIA POLICY FOR VOLUNTEERS TEMPLATE
SOCIAL MEDIA POLICY FOR VOLUNTEERS TEMPLATE SOCIAL MEDIA POLICY FOR VOLUNTEERS TEMPLATE (Insert Your Organisation Name) uses social media in its work and recognises that those who are involved in its work
More informationCode of Conduct. Code of Conduct
Code of Conduct Code of Conduct Alberta Health Services Code of Conduct Table of Contents Message from the Alberta Health Services Governing Body and the President and Chief Executive Officer...3 A Guide
More information