Data Protection Policy



Similar documents
Data Protection Policy

Application for access to your personal data held by the City of London Police (CoLP)

Access to Health Records

SUBJECT ACCESS REQUEST

Data Protection Act 1998 Subject Access Request - Application Form

How To Share Your Health Records With The National Health Service

Subject Access Request Form

APPLICATION FORM - PERSONAL INJURY (Do not use for fatal injuries)

APPLICATION FOR COMPENSATION FORM FOR A PERSONAL INJURY (Do not use this form for claims relating to fatal injuries)

APPLICATION FOR COMPENSATION FORM FOR A PERSONAL INJURY (Do not use this form for claims relating to fatal injuries)

Data Protection Act a more detailed guide

HOW YOU CAN OBTAIN ACCESS TO YOUR PERSONAL RECORDS Notes to accompany Application Form

CLAIM FOR COMPENSATION FOR A WORK-RELATED DEATH

ACCESS TO PATIENT HEALTHCARE RECORDS UNDER THE DATA PROTECTION ACT 1998 & THE ACCESS TO HEALTH RECORDS ACT 1990

Glyncoed Primary School. Data Protection Policy

Quick guide to the employment practices code

APPLICATION FOR COMPENSATION 1 (Where there is no Court Order) Criminal Offence Victims Act S.33 Criminal Code S.663D

DATA PROTECTION POLICY

The Law Society of Ireland Claims for refunds of money paid to a solicitor Application form

Casino, Liquor and Gaming Control Authority Act 2007 No 91

Application for a Scrap Metal Licence

Agents financial administration Form 4

Subject Access Request Procedure (Data Protection) Doc No IMPR04 Rev 2 27/07/ Scope. 2.0 Responsibilities and Definitions

Subject Access Request, Procedure, Guidance and Information

FREEDOM OF INFORMATION REQUEST

HERTSMERE BOROUGH COUNCIL

ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY

Application for a Licence to drive a Hackney Carriage/Private Hire Vehicle in the Borough of High Peak

Registration as a Physiotherapist within the Special Purpose Scope of Practice: Postgraduate Physiotherapy Student

CLAIM FOR WORKERS COMPENSATION

THE UK S ANTI-MONEY LAUNDERING LEGISLATION AND THE DATA PROTECTION ACT 1998 GUIDANCE NOTES FOR THE FINANCIAL SECTOR. April 2002

Subject Access Request Form Data Protection Act 1998 Application for Access to Personal Information. December 2013

Information for Individuals Child Abuse Registry Check (Self Check-Mail) Checklist

Merthyr Tydfil County Borough Council. Data Protection Policy

Application for a real estate salesperson registration certificate

Child and Adult Services Subject Access Requests Guidance

Request under the Freedom of Information Act 2000 (FOIA)

Long-Term Disability Income Benefit. Employee s Statement

Subject Access Request (SAR) Procedure

OBJECTS AND REASONS. (a) the regulation of the collection, keeping, processing, use or dissemination of personal data;

Claim for Compensation for a Work-related death

Version 1. Chair of Governors Signature.. Review Date: Spring term 2017

Identity Cards Act 2006

Fit and proper person form

Privacy Policy. January 2014

Request under the Freedom of Information Act 2000 (FOIA)

CRIMINAL HISTORY CHECK APPLICATION

Human Resources and Data Protection

London Borough of Brent Joint Regulatory Services ENFORCEMENT POLICY

Scottish Rowing Data Protection Policy

Application to be licensed as a new driver

Information for Individuals Adult Abuse Registry Check (Self Check-Mail) Checklist

Application for Access to GP Medical Records (Access to Health Records Act 1990 / Data Protection Act 1998)

Workers Compensation claim form

APPLICATION FOR COMPENSATION 1 (Where there is a court order) Criminal Offence Victims Act S.32 Criminal Code S.663C

PRIVATE HIRE DRIVERS LICENCE FIRST APPLICATION

technical factsheet 176

Tenants and Leaseholders Home Contents Insurance Scheme Application Form

Application for a personal injury award following a period of abuse (physical and/or sexual) (EU use only)

Membership Application OTASA Scheme of Co-operation

Fair Trading will aim to make a decision on your application within 6 weeks after receiving all relevant information from you and other agencies.

APPLICATION FORM. / / / PENSION ANNUITY. Once you ve completed this form, please return it to: Legal & General Annuities PO Box 809 Cardiff CF24 0YL

Casino Control Act 2006

DATA PROTECTION POLICY

This standard involves verification of identity; nationality and immigration status; employment history (past 3 years) and criminal record.

Data Subject Access Request Procedure

Quick Guide 12: Bringing a Small Claim in the County Court

Owner Builder permit. Owner builder application. Company application. Lease agreements. Owner builder course. Build better.

48R. Application for general tourists to visit Australia for tourism or other recreational activities. Part A Your details PHOTOGRAPH

Report of a Complaint Handling Review in relation to Strathclyde Police

CCTV CODE OF PRACTICE

Lump sum benefit payment request for your superannuation or account based pension

Human Resources Policy documents. Data Protection Policy

NT WORKERS COMPENSATION CLAIM FORM

Insolvency: a guide for directors

WHOLE BALANCE TRANSFER TO A KIWISAVER SCHEME

Transcription:

Data Protection Policy Introduction The Data Protection Act 1998 gives individuals the right to know what personal information is held about them. It provides a framework to ensure that the Office of the Police and Crime Commissioner for Norfolk (OPCCN) and other bodies properly handle personal information they hold about them. The OPCCN undertakes to handle the information it holds about individuals in an appropriate and sensitive manner and that all procedures for the handling of such information comply with the legislation. The OPCCN adheres to the 8 principles within the Act, as follows: 1. Fairly and lawfully processed 2. Processed for limited purposes 3. Adequate, relevant and not excessive 4. Accurate and up to date 5. Not kept for longer than is necessary 6. Processed in line with your rights 7. Secure 8 Not transferred to other countries without adequate protection. The Act provides individuals with rights, including the right to find out what personal information is held about them, on computer and most paper records. The Act does not guarantee personal privacy at all costs, but aims to strike a balance between the rights of individuals and the competing interests of those with legitimate reasons for using personal information. It applies to some paper records as well as computer records. In handling personal information, the OPCCN considers the following matters to ensure it complies with the Data Protection Act: Information about individuals is only retained for a business reason People whose information the OPCCN holds have consented to the use of that information, and should understand what it will be used for The OPCCN will only pass on personal information with the express permission of the individual and only for OPCCN related purposes Information is held securely and is only accessed by OPCCN staff The use of personal information is limited to those with a strict need to know Personal information is accurate and up to date Information is destroyed if there is no further need for it

The OPCCN s Notification to the Information Commissioner (Ref No: Z344509X) is up to date and reviewed annually. Notifying the Information Commissioners Office A Data Protection Notification is the process by which the OPCCN informs the Information Commissioner of certain details about its processing of personal information. These details are used by the Information Commissioner to make an entry describing the processing in the register of data controllers that is available to the public for inspection. A basic principle of data protection is that the public should know (or should be able to find out) who is carrying out the processing of personal information as well as other details about the processing (such as for what reason it is being carried out). The register of data controllers assists individuals in understanding how personal information is being processed. The aim of the register is to keep its contents at a general level, with sufficient detail to give an overall picture of processing, and it is not intended to contain very detailed information about a data controllers processing. More detail is only necessary to satisfy specific statutory requirements or where there is particular sensitivity. The Data Protection Act 1998 requires the OPCCN (as Data Controller i.e. the holder of information) who is processing personal information to notify the Information Commissioners Office of the types of information they hold and how it is processed. Failure to notify is a criminal offence. Subject Access Information where the OPCCN is the data controller: Where the OPCCN is the data controller, individuals are entitled to be told whether the OPCCN holds data about them and if it does: to be given a description of the data in question to be told for what purpose the data is processed to be told the recipients, or classes of recipients, to whom the data is or may be disclosed. Subject Access applies to all information that meets the definition of personal data of the applicant. This will include correspondence, reports, and emails. Any information held about an individual may be disclosed on receipt of a Subject Access application, and individuals are entitled to a copy of the information with any unintelligible terms, acronyms or codes explained. They will also be given any information available on the source of the data. The data will be in its latest form.

Anyone wishing to make a Subject Access Request, should complete the application form (at Appendix A) and send it to: Data Protection Officer OPCCN Building 8 Wymondham Norfolk NR18 0WW All applications MUST be accompanied by two documents providing proof of the identity of the applicant. These documents must show between them: Full name Date of Birth Signature Current postal address Examples of acceptable documents are: Driving Licence Passport NHS medical card Birth Certificate Bank Statement Utility Bill NB Photocopies are acceptable All applications must be accompanied by a fee of 10 payable by cheque or postal order to OPCCN. If you receive an application form from a member of the public, you must do the following: Check that all fields on the form have been completed Check that 2 documents are provided as proof of identity Check that the 4 pieces of information above match those details on the documents provided Check the fee is paid and issue a receipt Return any application forms that are incomplete, do not have proper proof of identity or the fee to the applicant A request for access to personal data will be dealt with promptly and in any event within 40 days of receipt of the request and payment of the fee.

If an individual considers that a request for access to personal data has not been dealt with properly, they should: a) Write in the first instance to: Performance and Compliance Officer OPCCN Building 8 Wymondham Norfolk NR18 0WW seeking resolution of their complaint, or if an individual is still not content with the information provided; b) Write to the Information Commissioner, who is appointed to consider such complaints at: Office of the Information Commissioner Wycliffe House Water Lane Wilmslow Chelmsford SK9 5AF Tel: 01625 545745 ICO Website: www.ico.gov.uk The Information Commissioner is empowered to assess whether there has been a failure to comply with the Act. The Information Commissioner can issue enforcement proceedings if satisfied that there has been a contravention of the data protection principles. The Information Commissioner can also recommend that an individual apply to court alleging a failure to comply with the subject access provisions of the Act. The court may make an order requiring compliance with those provisions and may also award compensation for any damages the individual has suffered as well as any associated distress. Information where the OPCCN is not the Data Controller: In many cases, it is the Constabulary and not the OPCCN who hold personal information. For example, the Police National Computer includes information on prosecutions, convictions and cautions. Chief Constables are the data controllers for this information and not the OPCCN. An individual has the right to be told by a Chief Constable whether any information is held on the Police National Computer and a right to a copy of that information. A similar process applies for making a subject access request to the Chief Constable.

Police Forces provide a form to simplify the exercise of an individuals right to information. To obtain a Subject Access Request application form from Norfolk Constabulary, please contact: Data Protection Officer Norfolk Constabulary Wymondham, Norfolk NR18 0WW

APPENDIX A OPCCN Building 8 Wymondham, Norfolk NR18 0WW Tel No: 01953 424455 DATA PROTECTION ACT 1998 SUBJECT ACCESS APPLICATION Use this form to request information about you that may be held by the Office of the Police and Crime Commissioner for Norfolk Your Rights You have a right to be told whether any information is held about you and a right to a copy of that information, unless certain exemptions apply. You will be provided with that information only if you have provided satisfactory proof of your identity. Information may not have to be provided if someone else can be identified in or from the information. If you think that information might be held about you that may identify or have been provided by another person, you may want to get that person s written agreement to enable the information to be given to you, and send it with your application. Chief Executive Rights The Chief Executive may refuse a request where the information is held for: a) the prevention or detection of crime, or b) the apprehension or prosecution of offenders and giving you the information would be likely to prejudice any of those purposes. The information you provide on this form will be used for processing your request. Official use only OPCCN Ref. No.: What To Do 1. Complete Sections 1, 2 and 3 2. Include Proof of Identity. To help establish your identity this application must be accompanied by two official documents (originals or photocopies) which between them clearly show your name, current postal address, date of birth and signature, for example: birth certificate, driving licence, passport, medical card, benefit(s) book, pension book or bank book. 3. Include the Fee. Payment of the 10 sterling fee can only be made by cheque or postal order made payable to OPCCN. 4. The completed form, fee and proof of identity should be sent to the above address, for the attention of the Senior Business Support Officer. What Happens Next Your application will be processed and a reply sent to the address shown on the form. The Act requires that you receive a reply within 40 days from the date the completed application form is received. Please contact us on the number above if you have not received your response within this period. Section 1 About Yourself (tick small boxes [ ] where appropriate) Title: Mr [ ] Mrs [ ] Miss [ ] Ms [ ] Other (specify) Surname/Family Name: First Name(s): Maiden/Former Name(s): Sex: Male [ ] Female [ ] Height: Date of Birth:

Place of Birth: Town: County: Postal Address (This address MUST appear on your identity documents and will be the address to which the response will be sent, unless you are making your request through a solicitor or other agent) Post Code: Contact Telephone Number: PREVIOUS ADDRESSES If you have lived at your home address for less than 10 years please provide previous addresses with dates on a separate piece of paper. Section 2 Details of Your Request To help us find the information that we may hold about you, please complete this section as fully as possible. If it is something specific, for example details of a reported crime or incident, quote any reference number that you may have. Continue on a separate sheet if necessary State here what information you are requesting. State here the date, time and location and any reference numbers you might have Section 3 Declaration and signature The information which I have supplied in this application is correct, and I am the person to whom it relates. Signature: Date: Included with form: Fee [ ] 2 Identity Documents [ ] WARNING: - A person who impersonates or attempts to impersonate another may be guilty of an offence. OFFICIAL USE ONLY (to be completed by officer receiving) Application checked & legible [ ] Identification documents checked [ ] Documents confirm name, date of Birth, signature and address [ ] Details of documents produced: 1. 2. Fee Paid Receipt No. Payment Method 10 Officer Completing: Name: Location: Date:

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information