12/12/2015 data protection act 1998. 12/12/2015 the dp act a law that protects personal privacy and...
TRANSCRIPT
![Page 1: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/1.jpg)
21/04/23
Data Protection Act 1998
![Page 2: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/2.jpg)
21/04/23
The DP Act
A law that protects personal privacy and upholds individual’s rights
Anyone who handles personal information as part of their job must follow the rules set out in the Act
The Act ensures that data held electronically and in paper-based systems are managed properly
![Page 3: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/3.jpg)
21/04/23
Gives rights to the people the information is about :
Data Subjects
Places obligations on organisations that process personal data :
Data Controllers
What does the Act do?
![Page 4: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/4.jpg)
21/04/23
Notification
To comply with the Act every school must register the reasons for processing personal information with the Information Commissioners Office (ICO)
• Fee of £35/£500 is payable annually
• Failure to notify is a criminal offence
![Page 5: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/5.jpg)
21/04/23
Personal Data
Factual Opinion
Paper
Recorded information about an identifiable living individual
Electronic
![Page 6: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/6.jpg)
21/04/23
Sensitive Personal Data
a. Racial or ethnic origin
b. Political opinions
c. Trade union membership
d. Religious or similar beliefs
e. Health or sexual life
f. Criminal offences, proceedings and convictions
![Page 7: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/7.jpg)
21/04/23
Where do we hold Personal Data?
![Page 8: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/8.jpg)
21/04/23
5.Held no longer than necessary
6.Processed in line
with the individuals rights
2.Processed for specified purpose
7.Kept secure
8. Only transferred to
countries with adequate security
measures
Personal Data should be …
The eight data protection principles
3.
Adequate, relevant
and not excessive
4.Accurate and
up to date
1.
Processed fairly
and lawfully
![Page 9: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/9.jpg)
21/04/23
Privacy Notice
We should ensure that all Data Subjects are provided with the following information:
• The identity of the Data Controller
• The purpose for which the data is
being processed
• Any further information necessary
![Page 10: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/10.jpg)
21/04/23
Individuals Rights
Complain
to the ICO
Correct
incorrect data
Take action for
compensation
Prevent
processing for
direct marketing
Prevent
processing likely
to cause harm
Subject Access
Request
![Page 11: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/11.jpg)
21/04/23
Offences
The Information Commissioners Office (ICO)
has a duty to investigate a complaint
Reasons for complaint could be:
– Failure to comply with a written request– Unauthorised disclosure of personal data
![Page 12: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/12.jpg)
21/04/23
Information Security
![Page 13: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/13.jpg)
21/04/23
The Information Commissioner has stated that information security is probably the most important aspect of data protection for schools
The ICO has the power to impose fines of up to £500,000 for serious breaches of the DP Act
The school must consider informing the ICO of any breach involving personal information
![Page 14: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/14.jpg)
21/04/23
Breaches Nov 2012 - Leeds City Council - Child care files sent to
the wrong address - Fined £95,000
Dec 2012 - London Borough of Lewisham - social work papers left on train in plastic shopping bag - Fined £70,000
Dec 2012 - Devon County Council – social worker used previous case as a template and the old report was sent in error, identifying 22 people – Fined £90,000
June 2013 - Halton Borough Council - clerical officersent adoptive parent’s address details to birth mother who then gave them to her parents who in turn contacted the adoptive parents - Fined £70,000
![Page 15: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/15.jpg)
21/04/23
Information Security
Keep all personalinformation secure when it’s not being used
![Page 16: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/16.jpg)
21/04/23
Passwords
Look after your user ID and password used to access your computer
Password is Frog
![Page 17: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/17.jpg)
21/04/23
Conversations
Do not discuss someone’s personal business in a public place
![Page 18: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/18.jpg)
21/04/23
Phoning
Take care when disclosing personal information particularly on the telephone
![Page 19: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/19.jpg)
21/04/23
Computer Screens
Make sure the computer screen
is shielded in
open plan or
public areas
![Page 20: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/20.jpg)
21/04/23
Memory Sticks
Do not keep personal or confidential information on memory sticks
![Page 21: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/21.jpg)
21/04/23
Take care when using email to send sensitive or confidential information
![Page 22: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/22.jpg)
21/04/23
Faxing
Be very careful if you need to fax personalinformation
![Page 23: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/23.jpg)
21/04/23
Photocopying/printing
Only send personal or confidential informationto multi-function printers in ‘safe haven’ locations
Only send personal or confidential informationto multi-function printers in ‘safe haven’ locations
![Page 24: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/24.jpg)
21/04/23
Building Security
Tighter access controls to prevent unauthorised access
![Page 25: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/25.jpg)
21/04/23
Information inTransit
Keep personal information confidential when moving it from one location to another
![Page 26: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/26.jpg)
21/04/23
Confidential Waste
All papers that identify individuals must be destroyed in a secure manner
![Page 27: 12/12/2015 Data Protection Act 1998. 12/12/2015 The DP Act A law that protects personal privacy and upholds individual’s rights Anyone who handles personal](https://reader035.vdocuments.mx/reader035/viewer/2022070413/5697bf8f1a28abf838c8da08/html5/thumbnails/27.jpg)
21/04/23
Contact DetailsInformation Commissioner
Website: www.ico.org.ukTel: 01625 545745
Email: [email protected]
IR&T TeamInformation Governance Specialists:Caroline Dodge (Team Leader) 1652Sandra Town 1790Michelle Hunt 6692Pauline Banks 4999Records Manager – Elizabeth Barber 4373
KELSI: http://www.kelsi.org.uk/school-management/data-and-reporting/access-to-information