Data Protection Policy
|
|
- Clare Sutton
- 8 years ago
- Views:
Transcription
1 Data Protection Policy Version: 1.0 Date: October 2013
2 Table of Contents 1 Introduction The need for a Data Protection Policy Scope Principles Staff Roles & Responsibilities Procedures The Use of Live Data for Test Purposes Policy Review and Audit Internal Disciplinary Action and Criminal Prosecution Related Documents Further Information... 6 Page 2 of 6
3 1 Introduction The need for a Data Protection Policy 1.1 The Data Protection Act 1998 places a legal obligation on all organisations to process personal data in accordance with eight Data Protection Principles set out in the Act. 1.2 Personal data is data which relates to a living individual and which allows the relevant individual to be identified either on its own or when it is combined with other personal data held. 1.3 St Helens Council must gather and process personal information about staff and clients in order to operate effectively. 1.4 The Council, acting as the custodians of personal data, recognise their legal and moral duty to ensure that personal data is handled properly and confidentially at all times. 2 Scope 2.1 This policy applies to all personal data held both on paper and by electronic means (including ). 2.2 This policy covers the whole lifecycle of personal data including: The obtaining of data; The storage and security of the data; The use and disclosure of the data; The sharing of data; The disposal and destruction of the data. 2.3 This policy applies to all users who have access to the Councils network, information and systems. 3 Principles St Helens Council will maintain appropriate safeguards to ensure adherence to the Data Protection Principles of the 1998 Act: 3.1 The collection and use of personal data will be done in such a way that recognises the Fair Processing Code, i.e. that personal data are obtained fairly and lawfully. As such the data subject should be notified of any processing by issuing a Fair Processing Notice. Particular consideration should be given to the processing of sensitive personal data. 3.2 Personal data will only be obtained and processed for the purposes specified in their Notification and in pursuit of St. Helens Council s business objectives, and should not be processed in any manner incompatible with that purpose (or those purposes) Personal data will be collected and processed on a need to know basis, ensuring that it is fit for the purpose and not excessive. 3.4 Steps will be taken to maintain the accuracy and currency of data; Page 3 of 6
4 3.5 Personal data will not be kept for longer than is necessary and will be disposed of at a time appropriate to the purpose for which it was collected; 3.6 The rights of individuals to whom personal data relate will be respected and steps taken to ensure that these rights may be exercised in accordance with the Act; 3.7 Appropriate security measures will be taken, both technically and organisationally, to protect personal data against damage, loss or abuse; 3.8 The movement of personal data will be done in a lawful way, both inside and outside the organisation, with suitable safeguards in place at all times. The rights of data subjects should also be observed and St Helens Council must ensure that these rights can be fully exercised under the DPA. These include: The right to be informed that processing is taking place; The right of access to their own personal data; The right to prevent processing in certain circumstances; The right to correct, rectify, block or erase information which is regarded as wrong information; 4 Staff Roles & Responsibilities St. Helens Council will ensure the following staff roles in relation to Data Protection are supported, including the provision of appropriate training, instruction and supervision so that their duties may be carried out effectively and consistently: 4.1 A Data Protection Officer for St. Helens Council will be responsible for gathering and disseminating information and issues relating to Data Protection; 4.2 A System & Information Management Officer for St Helens Council will carry out the day to day workings of Data Protection compliance, and audit the provisions for the same in departments; 4.3 Information Management Group Representatives will coordinate Data Protection compliance within the Council s five Departments; 4.4 Line managers will have responsibility for all matters relating to Data Protection in their operational area; 4.5 Those individuals referred to in section 2.3, acting on the Council s behalf will be responsible for safeguarding the personal data in their care. 4.6 All staff who handle personal data must undertake training in Data Protection and/or Caldicott training if appropriate. 5 Procedures To meet the requirements of the legislation the Council has produced corporate standards and procedures, which should be adhered to in relation to the following: The collection, maintenance and disposal of personal data; Page 4 of 6
5 Standards of security for both manual and computerised data, including the organisation of office accommodation to protect data; The disclosure of information to other departments and outside agencies; The disclosure of information to elected members; The handling of requests from individuals for access to their data; The setting up of new business processes; including the testing of new systems The letting of contracts; The setting up of multi-agency partnership arrangements; The handling of personal data on ; The induction and training of staff; The review of policy for accuracy and currency; Departmental reviews of procedures for data protection compliance; Audits of procedures and practice for data protection compliance. The corporate standards and procedures for the above are laid out in the Data Protection Code of Practice (see Related Documents below). 6 The Use of Live Data for Test Purposes 6.1 The processing of live data for test purposes should only take place when the Data Subject cannot be identified. 6.2 In exceptional circumstances, if the processing can be justified in the legitimate interests of the Data Controller, then the use of live data may be considered. 6.3 The decision to use live data for test purposes, must be recorded and considered by the IT Policy & Regulation Group. 7 Policy Review and Audit 7.1 This policy and related policy documents will be reviewed regularly by the System & Information Management Officer to ensure their content is accurate and up to date. 7.2 The System & Information Management Officer will co-ordinate an audit of personal data processing across the authority on a regular basis. 7.3 The System & Information Management Officer will undertake a review of the management of data protection compliance within the Council on a regular basis. 7.4 The System & Information Management Officer will undertake audits of data protection compliance within departments on a rolling basis in accordance with the general Audit schedule for the Council. 7.5 Arrangements should be made within Departments for regular reviews of procedure and practice in relation to data protection to ensure compliance with the Council s Data Protection Policy. Page 5 of 6
6 8 Internal Disciplinary Action and Criminal Prosecution 8.1 It is important that staff at all levels adhere to the requirements of this policy by following the guidelines and procedures set out in the Data Protection Code of Practice. 8.2 Negligent or deliberately destructive acts may result in disciplinary action as covered by Employees Terms and Conditions. 8.3 Under the Data Protection Act 1998 legal liability for the safeguarding of personal data falls both to the organisation and individually to its staff members. Prosecutions have been undertaken under the Data Protection Act. 9 Related Documents 9.1 The Information ICT Security Policy Framework sets out the overarching policies and governance surrounding the council s management of information and information systems (including electronic and hard copy information). 9.2 Internet & Policy - Produced by Internal Audit (Regulation and Compliance) The Internet & Policy forms part of the Information Management Framework. 9.3 The documents named above can be found on the Council s Intranet.. 10 Further Information 10.1 Further information, advice and guidance is available from the System & Information Management Officer, Internal Audit (Regulation and Compliance), Town Hall, Tel: dataprotection@sthelens.gov.uk 10.2 The Office of the Information Commissioner is the government regulator for Data Protection in the UK: Office of the Information Commissioner Wycliffe House Water Lane Wilmslow Cheshire Tel: SK9 5AF 10.3 Information Commissioners website (ico.gov.uk) contains guidance on the implementation of the FOIA, DPA and Environmental Information Regulations Act. October 2013 Page 6 of 6
HERTSMERE BOROUGH COUNCIL
HERTSMERE BOROUGH COUNCIL DATA PROTECTION POLICY October 2007 1 1. Introduction Hertsmere Borough Council ( the Council ) is fully committed to compliance with the requirements of the Data Protection Act
More informationData Protection Policy
Data Protection Policy Document Ref: DPA20100608-001 Version: 1.3 Classification: UNCLASSIFIED (IL 0) Status: ISSUED Prepared By: Ian Mason Effective From: 4 th January 2011 Contact: Governance Team ICT
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Version 1.3 April 2014 Contents 1 POLICY STATEMENT...2 2 PURPOSE....2 3 LEGAL CONTEXT AND DEFINITIONS...2 3.1 Data Protection Act 1998...2 3.2 Other related legislation.....4 3.3
More informationData Protection Policy
Data Protection Policy September 2015 Contents 1. Scope 2. Purpose 3. Data protection roles 4. Staff training and guidance 5. About the Data Protection Act 1998 6. Policy 7. The Information Commissioner's
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Data Protection Policy Version: 3 Reference Number: CO59 Keywords: Data, access, principles, protection, Act. Data Subject, Information Supersedes Supersedes:
More informationInformation Governance Policy
Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its
More informationCorporate ICT & Data Management. Data Protection Policy
90 Corporate ICT & Data Management Data Protection Policy Classification: Unclassified Date Created: January 2012 Date Reviewed January Version: 2.0 Author: Owner: Data Protection Policy V2 1 Version Control
More informationIslington Data Protection Policy. A council-wide information policy Version 1.1 June 2014
A council-wide information policy Version 1.1 June 2014 Copyright Notification Copyright London Borough of Islington 2014 This document is distributed under the Creative Commons Attribution 2.5 license.
More informationLittle Marlow Parish Council Registration Number for ICO Z3112320
Data Protection Policy Little Marlow Parish Council Registration Number for ICO Z3112320 Adopted 2012 Reviewed 23 rd February 2016 Introduction The Parish Council is fully committed to compliance with
More informationData Protection Policy
1 Data Protection Policy Version 1: June 2014 1 2 Contents 1. Introduction 3 2. Policy Statement 3 3. Purpose of the Data Protection Act 1998 3 4. The principles of the Data Protection Act 1998 4 5 The
More informationInformation Governance Framework. June 2015
Information Governance Framework June 2015 Information Security Framework Janice McNay June 2015 1 Company Thirteen Group Lead Manager Janice McNay Date of Final Draft and Version Number June 2015 Review
More informationInformation Assurance Policies and Guidance. Information Governance Policy. Document Version: v0.5 Review Date: 1 May 2016
Information Assurance Policies and Guidance Information Governance Policy Document Version: v0.5 Review Date: 1 May 2016 Owner: Information Governance Manager 1 P a g e Document History Revision Version
More informationDATA PROTECTION ACT 1998 COUNCIL POLICY
DATA PROTECTION ACT 1998 COUNCIL POLICY Page 1 of 5 POLICY STATEMENT Blackpool Council recognises the need to fully comply with the requirements of the Data Protection Act 1998 (DPA) and the obligations
More informationDATA Protection Act - A Review of Version 7
DATA PROTECTION ACT POLICY Version 7.0 Document owner Director ICT Document author and enquiry point Alison Moss, IT Security & Access Manager Date of document June 2010 Version 7.0 Document classification
More informationCorporate Data Protection Policy
Corporate Data Protection Policy September 2010 Records Management Policy RMP-09 GOLDEN RULE When you think about Data Protection remember that we are all data subjects. Think about how appropriately and
More informationNotification of data security breaches to the Information Commissioner s
ICO lo Notification of data security breaches to the Information Commissioner s Data Protection Act Contents Overview... 2 What the DPA says... 2 Reporting a breach... 2 Potential detriment to data subjects...
More informationData Protection Policy
Data Protection Policy Owner : Head of Information Management Document ID : ICT-PL-0099 Version : 2.0 Date : May 2015 We will on request produce this Policy, or particular parts of it, in other languages
More informationMerthyr Tydfil County Borough Council. Data Protection Policy
Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY DATA PROTECTION POLICY Document Control Information Title Data Protection Policy Version V1.0 Author Diana Watt Date Approved 21 February 2013 Review Date Annually, on the anniversary
More informationData Protection Policy
Internal Ref: NELC 16.60 Review date December 2016 Version No. V04 Data Protection Policy 1 Data Protection Statement Data Protection Policy 1.1 North East Lincolnshire Council recognises that in order
More informationMONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY
MONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY Page 1 of 16 Contents Policy Information 3 Introduction 4 Responsibilities 7 Confidentiality 9 Data recording and storage 11 Subject Access 12 Transparency
More informationDealing With Information Rights Concerns
I Data Protection Act How we deal with complaints and concerns A guide for data controllers 1 Data Protection Act How we deal with complaints and concerns The ICO is the UK s independent public authority
More informationData Protection Policy
Data Protection Policy 1. INTRODUCTION 1.1. The Data Protection Act gives you as an individual the right to know what information is held about you. It provides a framework to ensure that personal information
More informationInformation Governance Policy
Information Governance Policy Version 1.1 Responsible Person Information Governance Manager Lead Director Head of Corporate Services Consultation Route Information Governance Steering Group Approval Route
More informationRick Parsons Information Governance Officer County Hall 01865 323593 rick.parsons@oxfordshire.gov.uk
Rick Parsons Information Governance Officer County Hall 01865 323593 rick.parsons@oxfordshire.gov.uk 1 THE DATA PROTECTION ACT 1998 2 Requirements of the Act Roles & Responsibilities Best Practice 3 The
More informationDATA PROTECTION POLICY
Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection
More informationEnvironmental Information Regulations POLICY STATEMENT
Environmental Information Regulations POLICY STATEMENT Implementation Date: 1 February 2014 Next review Date: 1 February 2016 DOCUMENT CONTROL Document History Version Date Changes 2.00 18 November 2013
More informationFreedom of Information Act 2000 (FOIA) Decision notice
Freedom of Information Act 2000 (FOIA) Decision notice Date: 16 September 2015 Public Authority: Address: North East Lincolnshire Council Municipal Offices Town Hall Square Grimsby DN31 1HU Decision (including
More informationScotland s Commissioner for Children and Young People Records Management Policy
Scotland s Commissioner for Children and Young People Records Management Policy 1 RECORDS MANAGEMENT POLICY OVERVIEW 2 Policy Statement 2 Scope 2 Relevant Legislation and Regulations 2 Policy Objectives
More informationScottish Rowing Data Protection Policy
Revision Approved by the Board August 2010 1. Introduction As individuals, we want to know that personal information about ourselves is handled properly, and we and others have specific rights in this
More informationData Protection and Community Councils Briefing Note
Data Protection and Community Councils Briefing Note This briefing note has been prepared in response to specific queries raised by Community Councils in Marr in relation to their Data Protection requirements.
More informationDATA PROTECTION POLICY
Title Author Approved By and Date Review Date Mike Pilling Latest Update- Corporation May 2008 1 Aug 2013 DATA PROTECTION ACT 1998 POLICY FOR ALL STAFF AND STUDENTS 1.0 Introduction 1.1 The Data Protection
More informationHow To Share Your Health Records With The National Health Service
HOW WE USE YOUR PERSONAL INFORMATION Information Leaflet Your Health. Our Priority. Page 2 of 9 Introduction This Leaflet explains why the NHS collects information about you and how it is used, your right
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1
Protection of Personal Data RPC001147_EN_WB_L_1 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Responsibility of Employees
More informationData Protection Policy
Data Protection Policy April 2014 Author: Jennifer McLaren, Assistant Principal, Curriculum Support & Finance Impact Assessment Date: 15 February 2010 Date: April 2014 Contents 1 Purpose... 2 2 Policy...
More informationINFORMATION GOVERNANCE POLICY
Directorate of Performance Assurance INFORMATION GOVERNANCE POLICY Reference: DCP074 Version: 2.5 This version issued: 27/03/15 Result of last review: Minor changes Date approved by owner (if applicable):
More informationWhat NHS staff need to know
St George s Healthcare NHS NHS Trust Surrey Health Informatics Service Sussex Health Informatics Service Records Management Explained What NHS staff need to know A guide to Records Management Contents
More informationData Protection Policy
Issue Date: June 2014 Document Number: POL_1006 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading length; please depending delete other on line length;
More informationDATA PROTECTION AND DATA STORAGE POLICY
DATA PROTECTION AND DATA STORAGE POLICY 1. Purpose and Scope 1.1 This Data Protection and Data Storage Policy (the Policy ) applies to all personal data collected and dealt with by Centre 404, whether
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Primary Intranet Location Information Management & Governance Version Number Next Review Year Next Review Month 7.0 2018 January Current Author Phil Cottis Author s Job Title
More informationInformation Governance Strategy & Policy
Information Governance Strategy & Policy March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aims 1 3 Policy 2 4 Responsibilities 3 5 Information Governance Reporting Structure 4 6 Managing Information
More informationGuidance for Access to Health Records Requests under the Data Protection Act 1998
Guidance for Access to Health Records Requests under the Data Protection Act 1998 Version 1 July 2002 Version 2 June 2003 Guidance for Access to Health Records Requests under the Data Protection Act 1998
More informationHuman Resources Policy No. HR46
Human Resources Policy No. HR46 Maintaining Personal Files and ESR Records Additionally refer to HR04 Verification of Professional Registration HR33 Recruitment and Selection HR34 Policy for Carrying Out
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_D_19
Protection of Personal Data RPC001147_EN_D_19 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Rules Responsibility
More informationINFORMATION GOVERNANCE AND DATA PROTECTION POLICY
INFORMATION GOVERNANCE AND DATA PROTECTION POLICY WN CCG Information Governance & Data Protection Policy July 2013 1 Document Control Sheet Name of Document: Information Governance & Data Protection Policy
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationInformation Governance. and what it means for you
Information Governance and what it means for you 1 Content Introduction 3 Who are we? 4 What is Information Governance? 4 Purpose of Holding Information 5 Confidentiality and Security 5 Accuracy of Information
More informationQuick guide to the employment practices code
Data protection Quick guide to the employment practices code Ideal for the small business Contents 3 Contents Section 1 About this guidance 4 Section 2 What is the Data Protection Act? 5 Section 3 Recruitment
More informationInformation Governance Policy A council-wide information management policy. Version 1.0 June 2013
Information Governance Policy Version 1.0 June 2013 Copyright Notification Copyright London Borough of Islington 2012 This document is distributed under the Creative Commons Attribution 2.5 license. This
More informationFreedom of Information Act 2000 (FOIA) Decision notice
Freedom of Information Act 2000 (FOIA) Decision notice Date: 28 September 2015 Public Authority: Address: Wigan Metropolitan Borough Council Town Hall Library Street Wigan WN1 1YN Decision (including any
More informationPRESIDENT S DECISION No. 40. of 27 August 2013. Regarding Data Protection at the European University Institute. (EUI Data Protection Policy)
PRESIDENT S DECISION No. 40 of 27 August 2013 Regarding Data Protection at the European University Institute (EUI Data Protection Policy) THE PRESIDENT OF THE EUROPEAN UNIVERSITY INSTITUTE, Having regard
More informationFreedom of Information Policy Version 6.0
Freedom of Information Policy Lead executive Name / title of author: Date reviewed: September 2015 Chief Nurse, Executive Director for Risk and Governance Colin Owen, Information Governance and Data Security
More informationINFORMATION SECURITY MANAGEMENT POLICY
INFORMATION SECURITY MANAGEMENT POLICY Security Classification Level 4 - PUBLIC Version 1.3 Status APPROVED Approval SMT: 27 th April 2010 ISC: 28 th April 2010 Senate: 9 th June 2010 Council: 23 rd June
More informationPAPER RECORDS SECURE HANDLING AND TRANSIT POLICY
PAPER RECORDS SECURE HANDLING AND TRANSIT POLICY CORPORATE POLICY Document Control Title Paper Records Secure Handling and Transit Policy Author Information Governance Manager ** Owner SIRO/CIARG Subject
More informationData Protection Policy
Data Protection Policy CONTENTS Introduction...2 1. Statement of Intent...2 2. Fair Processing or Privacy Statement...3 3. Data Uses and Processes...4 4. Data Quality and Integrity...4 5. Technical and
More informationFreedom of Information Act 2000 (FOIA) Environmental Information Regulations 2004 (EIR) Decision notice
Freedom of Information Act 2000 (FOIA) Environmental Information Regulations 2004 (EIR) Decision notice Date: 18 November 2015 Public Authority: Address: London Borough of Richmond Upon Thames Civic Centre
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 007907/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 04 November 2015 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom
More information1. Introduction... 3. 2. Statement of Policy. 3. 3. The Eight Principles of Data Protection... 4. 4. Scope... 5. 5. Roles and Responsibilities.
Data Protection Policy 2011 Contents Page 1. Introduction... 3 2. Statement of Policy. 3 3. The Eight Principles of Data Protection...... 4 4. Scope.... 5 5. Roles and Responsibilities. 5 6. Development
More informationROEHAMPTON UNIVERSITY DATA PROTECTION POLICY
ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY Originated by: Data Protection Working Group: November 2008 Impact Assessment: (to be confirmed) Recommended by Senate: 28 January 2009 Approved by Council:
More informationCaedmon College Whitby
Caedmon College Whitby Data Protection and Information Security Policy College Governance Status This policy was re-issued in June 2014 and was adopted by the Governing Body on 26 June 2014. It will be
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 003668/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 9 July 2015 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom of Information
More informationRequest under the Freedom of Information Act 2000 (FOIA)
Our Ref: 002085/15 Freedom of Information Section Nottinghamshire Police HQ Sherwood Lodge, Arnold Nottingham NG5 8PP 20 April 2015 Tel: 101 Ext 800 2507 Fax: 0115 967 2896 Request under the Freedom of
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Including the Information Governance Strategy Framework and associated Information Governance Procedures Last Review Date Approving Body N/A Governing Body Date of Approval
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Approval date: June 2014 Approved by: Board Responsible Manager: Executive Director of Resources Next Review June 2016 Data Protection Policy 1. Introduction Data Protection Policy
More informationFreedom of Information Act 2000 (FOIA) Decision notice
Freedom of Information Act 2000 (FOIA) Decision notice Date: 17 February 2015 Public Authority: Address: Yarm Town Council Town Hall High Street Yarm TS15 9AH Decision (including any steps ordered) 1.
More informationtechnical factsheet 176
technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection
More informationHow to Monitor Employee Web Browsing and Email Legally
WHITEPAPER: HOW TO MONITOR EMPLOYEE WEB BROWSING AND EMAIL LEGALLY How to Monitor Employee Web Browsing and Email Legally ABSTRACT The Internet and email are indispensable resources in today s business
More informationOffice of the Data Protection Commissioner of The Bahamas. Data Protection (Privacy of Personal Information) Act, 2003. A Guide for Data Controllers
Office of the Data Protection Commissioner of The Bahamas Data Protection (Privacy of Personal Information) Act, 2003 A Guide for Data Controllers 1 Acknowledgement Some of the information contained in
More information(4) THAMES VALLEY POLICE of Oxford Road, Kidlington, OX5 2NX ("Police Force"),
DATE OF INFORMATION SHARING AGREEMENT JULY 2015 PARTIES (1) LIVE NATION (MUSIC) UK LIMITED (Company Number 02409911) whose registered office is at 2 nd Floor, Regent Arcade House, 19-25 Argyll Street,
More informationInformation Management Strategy. July 2012
Information Management Strategy July 2012 Contents Executive summary 6 Introduction 9 Corporate context 10 Objective one: An appropriate IM structure 11 Objective two: An effective policy framework 13
More informationHow To Protect Your Personal Information At A College
Data Protection Policy Policy Details Produced by Assistant Principal Information Systems Date produced Approved by Senior Leadership Team (SLT) Date approved July 2011 Linked Policies and Freedom of Information
More informationData Protection. Policy and Application July 2009
Data Protection Policy and Application July 2009 Produced for staff of the House of Commons Service by the Department of Resources Information Rights and Information Security (IRIS) Service Data Policy:
More informationFREEDOM OF INFORMATION REQUEST
FREEDOM OF INFORMATION REQUEST Request Number: F-2013-05371 Keyword: Operational Policing Subject: Unmanned Aerial Systems (UAS) Purchased By PSNI 2012-2013 Request and Answer: Question 1 The number of
More informationPatient Information Whose information is it anyway? Your health records
Patient Information Whose information is it anyway? Your health records Derriford Hospital Derriford Road Plymouth PL6 8DH Tel: 0845 155 8155 www.plymouthhospitals.nhs.uk Your health record We ask you
More informationFreedom of Information Act 2000 (FOIA) Decision notice
Freedom of Information Act 2000 (FOIA) Decision notice Date: 26 January 2016 Public Authority: Address: Foreign and Commonwealth Office King Charles Street London SW1A 2AH Decision (including any steps
More informationInformation Governance
CONTROLLED Information Governance Caldicot Version-Workbok Non Caldicott Version - Workbook Version 12 January 2015 40 1 Don t Get Bitten by the Data Demon Notes Using this Workbook The objective of this
More informationOBJECTS AND REASONS. (a) the regulation of the collection, keeping, processing, use or dissemination of personal data;
OBJECTS AND REASONS This Bill would provide for (a) the regulation of the collection, keeping, processing, use or dissemination of personal data; (b) the protection of the privacy of individuals in relation
More informationInformation Governance Policy
Information Governance Policy Policy Summary This policy outlines the organisation s approach to the management of Information Governance and information handling. It explains the accountability and reporting
More informationInformation Security Policy
Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Alan Lawrie ehealth Strategy Group Implementation Date: September
More informationData Protection Procedures
Data Protection Procedures PROCEDURE OVERVIEW: This Procedure outlines Down District Council s ( the Council ) commitment to the Data Protection Act 1998 ( the Act ) and provides a framework for the Council
More informationCriminal Injuries Compensation Authority. Data protection audit report
Criminal Injuries Compensation Authority Data protection audit report Executive summary January 2016 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with
More informationFinal Version 1.0 December 2015
Final Version 1.0 December 2015 Contents Page 1 Introduction...2 2 Charter Principles...2 3 Scope...2 4 Partner Commitment...3 5 Governance...4 6 The Lawful basis and Legal Requirements...5 7 Personal
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Rev No. 0 New Document 1 2 3 4 5 6 7 Revision Status Details of Amendments Name Date Update of College DPA statement New Reference to Appendix 4 Staff Guidelines ESF document retention
More informationNOT PROTECTIVELY MARKED FORCE PROCEDURES. Using the Off-Site Storage Facility for Physical Records - v03. Records Manager
FORCE PROCEDURES Using the Off-Site Storage Facility for Physical Records - v03 Procedure Reference Number: 2010.07 Procedure Author: Samantha Hampson Records Manager Procedure Review Date: February 2013
More informationWIGAN COUNCIL'S CCTV SURVEILLANCE SYSTEM
WIGAN COUNCIL'S CCTV SURVEILLANCE SYSTEM This document contains advice and information for the general public regarding data recorded by Wigan Council's CCTV Systems and the provisions of the Data Protection
More informationData Protection Policy
Data Protection Policy Introduction The Data Protection Act 1998 gives individuals the right to know what personal information is held about them. It provides a framework to ensure that the Office of the
More informationA practical guide to IT security
Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or
More informationINFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK
INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire
More informationCrofton School Data Protection Policy
Crofton School Data Protection Policy Crofton School collects and uses personal information (referred to in the Data Protection Act as personal data) about staff, students, parents and other individuals
More informationNATIONAL RECORDS OF SCOTLAND preserving the past; recording the present; informing the future. 2011 Census
NATIONAL RECORDS OF SCOTLAND preserving the past; recording the present; informing the future 2011 Census Information Assurance Policy Statement By the UK Census Offices June 2011 NATIONAL RECORDS OF SCOTLAND
More informationAccess to Health Records
Access to Health Records Crown Heights Medical Centre Procedure Access to Health Records ACCESS TO MEDICAL RECORDS (DATA PROTECTION) POLICY INTRODUCTION The Access to Health Records Act 1990 gave individuals
More informationCorporate Information Security Management Policy
Corporate Information Security Management Policy Signed: Chief Executive. 1. Definition of Information Security 1.1. Information security means safeguarding information from unauthorised access or modification
More informationTRUST POLICY FOR DATA QUALITY
TRUST POLICY FOR DATA QUALITY Reference Number: IG 2012 001 Version: 2.3 Status: Final Author: Vanessa Forman Job Title: Head of Information Version / Amendment History Version Date Author Reason 1 September
More informationFreedom of Information Act 2000 (FOIA) Decision notice
Freedom of Information Act 2000 (FOIA) Decision notice Date: 15 December 2014 Public Authority: Address: East Riding of Yorkshire Council County Hall Beverley East Riding of Yorkshire HU17 9BA Decision
More informationInformation Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.
Information Governance Strategy and Policy Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.0 Status: Final Revision and Signoff Sheet Change Record Date Author Version Comments
More informationGUIDE TO THE ISLE OF MAN DATA PROTECTION ACT. CONTENTS PREFACE 1 1. Background 2 2. Data Protections Principles 3 3. Notification Requirements 4
GUIDE TO THE ISLE OF MAN DATA PROTECTION ACT CONTENTS PREFACE 1 1. Background 2 2. Data Protections Principles 3 3. Notification Requirements 4 PREFACE The following provides general guidance on data protection
More informationINFORMATION GOVERNANCE POLICY
INFORMATION GOVERNANCE POLICY Information Governance Policy_v2.0_060913_LP Page 1 of 14 Information Reader Box Directorate Purpose Document Purpose Document Name Author Corporate Governance Guidance Policy
More information1. JOB PURPOSE 2. KEY ACCOUNTABILITIES PRINCIPAL DUTIES:
Job Title: Location/Base: Dept.: Reporting to: Pharmacy Technician Claremont Hospital Pharmacy Pharmacy Manager 1. JOB PURPOSE The Pharmacy Technician, as part of a dedicated team, plays a key role in
More informationData and Information Security Policy
St. Giles School Inspire and achieve through creativity School Policy for: Date: February 2014 Data and Information Security Policy Legislation: Policy lead(s) The Data Protection Act 1998 (with consideration
More information