accountability and governance evidence to what extent can
play

Accountability and Governance evidence To what extent can an agreed - PowerPoint PPT Presentation

Sep 02, 2023 •223 likes •362 views

RMPs and GDPR Accountability and Governance evidence To what extent can an agreed RMP act as evidence of compliance with GDPR obligations around accountability and governance? Article 5(2) Accountability Principle The

  1. RMPs and GDPR ‘Accountability and Governance’ evidence

  2. “ To what extent can an agreed RMP act as evidence of compliance with GDPR obligations around accountability and governance?”

  3. Article 5(2) – Accountability Principle “The controller shall be responsible for, and be able to demonstrate compliance with, paragraph 1 ('accountability ').”

  4. Article 5(1) – GDPR Principles Personal data shall be: (a) processed lawfully, fairly and in a transparent manner – ‘lawfulness, fairness and transparency’ (b) collected for specified, explicit and legitimate purposes; not further processed in a manner incompatible with those purposes – ‘purpose limitation’ (c) adequate, relevant and limited to what is necessary – ‘data minimisation’ (d) accurate and, where necessary, kept up to date; every reasonable step taken to ensure this – ‘accuracy’ (e) kept for no longer than necessary; may be stored for longer periods for archiving, research and statistical purposes – ‘storage limitation’ (f) processed with appropriate security; protected against unauthorised or unlawful processing, and accidental loss, destruction or damage – ‘integrity and confidentiality’

  5. ICO guidance on measures you can take • adopting and implementing data protection policies (where proportionate); • taking a ‘data protection by design and default’ approach - putting appropriate data protection measures in place throughout the entire lifecycle of our processing operations; • putting written contracts in place with organisations that process personal data on our behalf; • maintaining documentation of our processing activities; • implementing appropriate security measures; • recording and, where necessary, reporting personal data breaches; • carrying out data protection impact assessments for uses of personal data that are likely to result in high risk to individuals’ interests ; • appointing a data protection officer (where necessary); • adhering to relevant codes of conduct and signing up to certification schemes (where possible).

  6. Article 30 – Records of Processing Activities • the name and contact details of your organisation (and where applicable, of other controllers, your representative and your data protection officer). • the purposes of your processing. • a description of the categories of individuals and categories of personal data. • the categories of recipients of personal data. • details of your transfers to third countries including documenting the transfer mechanism safeguards in place. • retention schedules • a description of your technical and organisational security measures.

  7. Article 30(5) – Exemption Organisation with fewer than 250 employees are exempt, but not if: • Processing that is likely to result in a risk to the rights and freedoms of data subjects. • Processing that is not occasional. • Processing that includes special categories of data or personal data relating to criminal convictions and offences. Working 29 Party – not a heavy burden ICO has produced templates

  8. ICO - other documentation • information required for privacy notices, such as: – the lawful basis for the processing – the legitimate interests for the processing – individuals’ rights – the existence of automated decision-making, including profiling – the source of the personal data; • records of consent; • controller-processor contracts; • the location of personal data; • Data Protection Impact Assessment reports; • records of personal data breaches; • information required for processing special category data or criminal conviction and offence data under the Data Protection Act 2018, covering: – the condition for processing in the Data Protection Act; – the lawful basis for the processing in the GDPR; and – your retention and erasure policy document.

  9. Keeper’s Model Plan: Element 9 Evidence currently required: • Privacy notice • Data protection policy or evidence of adequate processes in place • Guide to submitting SARs • Registration with the ICO The Keeper would not expect a detailed list of records that might be affected by data protection legislation

  10. Is a specific element on data protection required? Evidence of compliance will also appear under: • Element 5: Retention schedule • Element 6: Destruction arrangements • Element 8: Information security • Element 11: Audit Trail • Element 14: Shared information

  11. What additional evidence can the Keeper reasonably expect authorities to provide ?

  12. Possible evidence - Data protection policy - Privacy notice - Registration with ICO - Guidance on making SAR and exercising other rights - Appointment of Data Protection Officer - Information Asset Register - Other records of processing activities - Retention and Disposal Schedule - Data sharing agreements - Contracts and data processing agreements - Data Protection Impact Assessments - Security measures - Recording data breaches

  13. What are your views?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Accountability Policy Advisory Committee Texas Education Agency | Governance & Accountability

Accountability Policy Advisory Committee Texas Education Agency | Governance & Accountability

2021 Accountability Accountability Policy Advisory Committee Texas Education Agency | Governance & Accountability | Performance Reporting Thank you in advance for muting your mic. Meeting TEXAS EDUCATION AGENCY GOVERNANCE &

360 views • 23 slides
Mississauga Halton LHIN Governance to Governance: Community Sector Focus Funding, Accountability

Mississauga Halton LHIN Governance to Governance: Community Sector Focus Funding, Accountability

Mississauga Halton LHIN Governance to Governance: Community Sector Focus Funding, Accountability & Governance Raising our Bar October 2, 2012 Welcome and Introductions Graeme Goebelle Board Chair Mississauga Halton LHIN 2

566 views • 39 slides
DUE PROCESS IN GOVERNANCE: AN IMPERATIVE OF TRANSPARENCY AND ACCOUNTABILITY, A PAPER PRESENTATION

DUE PROCESS IN GOVERNANCE: AN IMPERATIVE OF TRANSPARENCY AND ACCOUNTABILITY, A PAPER PRESENTATION

DUE PROCESS IN GOVERNANCE: AN IMPERATIVE OF TRANSPARENCY AND ACCOUNTABILITY, A PAPER PRESENTATION BY: ABBA B. UMAR, DIRECTOR - GENERAL ADAMAWA STATE BUREAU OF PUBLIC PROCUREMENT (ADSBPP), AT A RETREAT FOR HON. COMMISSIONERS, PERMANENT

379 views • 11 slides
The problem of European governance and accountability QCEA QPSW conference Brussels, 16

The problem of European governance and accountability QCEA QPSW conference Brussels, 16

The problem of European governance and accountability QCEA QPSW conference Brussels, 16 November 2013 Rebecca Gumbrell-McCormick 1 Introduction and Overview A short quiz on European governance Introduction: The European Social

581 views • 11 slides
Social accountability: What does the evidence really say? Jonathan Fox School of International

Social accountability: What does the evidence really say? Jonathan Fox School of International

Social accountability: What does the evidence really say? Jonathan Fox School of International Service American University www.jonathan-fox.org fox@american.edu May 5, 2014 What exactly is social accountability? Social accountability

389 views • 15 slides
A VICTORIOUS BOARD ** The New World of Independent School Governance Accountability and

A VICTORIOUS BOARD ** The New World of Independent School Governance Accountability and

A VICTORIOUS BOARD ** The New World of Independent School Governance Accountability and Transparency and More! Mary H. DeKuyper January 26, 2008 ** A good board is a victory , not a gift. Cyril Houle The Really Old World of

905 views • 32 slides
How Evidence-Based Reform Will Transform Research and Practice in Education Robert E. Slavin

How Evidence-Based Reform Will Transform Research and Practice in Education Robert E. Slavin

How Evidence-Based Reform Will Transform Research and Practice in Education Robert E. Slavin Johns Hopkins University School Reform is Constantly Churning Accountability/Assessment Governance Charters Teacher Evaluation

331 views • 19 slides
The 2013 Resource Governance Index A measure of transparency and accountability in the oil, gas

The 2013 Resource Governance Index A measure of transparency and accountability in the oil, gas

The 2013 Resource Governance Index A measure of transparency and accountability in the oil, gas and mining sector Washington, D.C. May 15, 2013 http://www.revenuewatch.org/rgi Outline 1. Whats at stake 2. What the Index measures 3. How the

370 views • 23 slides
IT T Governance and M Management S Structure 1. Re-Structuring IT Governance and Management:

IT T Governance and M Management S Structure 1. Re-Structuring IT Governance and Management:

IT T Governance and M Management S Structure 1. Re-Structuring IT Governance and Management: Why Now? 2. Transition Structure 3. Steady-State Structure 4. Tight Decision-Making Loop: Teamwork, Responsibility, Accountability 5.

654 views • 21 slides
From Research to Policy in School Management and Accountability: Evidence from Randomized

From Research to Policy in School Management and Accountability: Evidence from Randomized

From Research to Policy in School Management and Accountability: Evidence from Randomized Evaluations Todays Panelists Sarah Kabay Juan Manuel Hernandez-Agramonte Education Program Director, Peru, Bolivia, & Paraguay Country Director,

211 views • 8 slides
Which Aspects of Corporate Governance Matter in Emerging Markets: Evidence from Brazil, India,

Which Aspects of Corporate Governance Matter in Emerging Markets: Evidence from Brazil, India,

Discussion of Which Aspects of Corporate Governance Matter in Emerging Markets: Evidence from Brazil, India, Korea, and Turkey (Black, de Carvalho, Khanna, Kim, Yurtoglu) by Johan Sulaeman Summary Develop country-specific governance

354 views • 17 slides
ECA Forum Tajikistan-23 rd to 25 th May, 2017. Improving WASH Governance & Social

ECA Forum Tajikistan-23 rd to 25 th May, 2017. Improving WASH Governance & Social

SOCIAL ACCOUNTABILITY IN PAKISTAN-WASH ECA Forum Tajikistan-23 rd to 25 th May, 2017. Improving WASH Governance & Social Accountability Unaddressed water sanitation and hygiene needs in urban areas Finding collaborative solutions

377 views • 15 slides
Role of Civil Society in Governance and Democratic Accountability of Internal Migration Funding

Role of Civil Society in Governance and Democratic Accountability of Internal Migration Funding

1 Role of Civil Society in Governance and Democratic Accountability of Internal Migration Funding By Lina Vosylit 16 May 2018, European Parliament Public Hearing Assessing the Flow of EU migration expenditure www.ceps.eu

357 views • 10 slides
The Distortionary Effects of Power Sharing on Political Corruption and Accountability: Evidence

The Distortionary Effects of Power Sharing on Political Corruption and Accountability: Evidence

The Distortionary Effects of Power Sharing on Political Corruption and Accountability: Evidence from Kenya Michael Mbate PhD Candidate - London School of Economics and Political Science June 12, 2018 1 / 23 Motivation Increase in power

245 views • 23 slides
Corporate Governance Through Voice and Exit: Evidence from Standard Life Investments Marco

Corporate Governance Through Voice and Exit: Evidence from Standard Life Investments Marco

Corporate governance through voice and exit Corporate Governance Through Voice and Exit: Evidence from Standard Life Investments Marco Becht Solvay Brussels School , Universit Libre de Bruxelles, CEPR and ECGI Julian Franks London

702 views • 30 slides
Evidence, Governance, Performance Challenges for Education and Research Nino Cartabellotta GIMBE

Evidence, Governance, Performance Challenges for Education and Research Nino Cartabellotta GIMBE

Evidence, Governance, Performance Challenges for Education and Research Nino Cartabellotta GIMBE Foundation "All healthcare decisions should be evidence-based" www.ninocartabellotta.it To patients this is a natural expectation For

862 views • 82 slides
Ewan Robson Director, IG Compliance ltd 1 Todays Training Look at the History of the Data

Ewan Robson Director, IG Compliance ltd 1 Todays Training Look at the History of the Data

Data Protection Act 1998/General Data Protection Regulation 2016 Freedom of Information Act Ewan Robson Director, IG Compliance ltd 1 Todays Training Look at the History of the Data Protection Act/General Data Protection

575 views • 40 slides
GDPR (EU General Data Protection Regulation) ePrivacy Directive and Regulation CCPA

GDPR (EU General Data Protection Regulation) ePrivacy Directive and Regulation CCPA

HOW IS BUSINESS DEALING WITH THE GDPR AND CCPA? CURRENT AND EMERGING AREAS OF PRIVACY FOCUS GDPR (EU General Data Protection Regulation) ePrivacy Directive and Regulation CCPA (California Consumer Privacy Act) GDPR (EU) Effective

493 views • 4 slides
Heterogenous Resources for data processing Heterogenous Execution for CMSSW Concentrating

Heterogenous Resources for data processing Heterogenous Execution for CMSSW Concentrating

Heterogenous Resources for data processing Heterogenous Execution for CMSSW Concentrating on HCAL / ECAL Local Energy Reconstruction Current Calorimeters take 20-25% RECO time And both use the same algorithm -> fast NNLS 1 Template

328 views • 4 slides
Data reduction and processing tutorial Petr V. Konarev European Molecular Biology Laboratory,

Data reduction and processing tutorial Petr V. Konarev European Molecular Biology Laboratory,

17-24 October 2012 EMBO Course Data reduction and processing tutorial Petr V. Konarev European Molecular Biology Laboratory, Hamburg Outstation BioSAXS group 17-24 October 2012 EMBO Course EMBL BioSAXS beamline X33, 2012 Optics Vacuum

565 views • 37 slides
Spac ace e and Da Data ta Protec tection tion GLI LIS, S, 7 June ne 2016 2016

Spac ace e and Da Data ta Protec tection tion GLI LIS, S, 7 June ne 2016 2016

Spac ace e and Da Data ta Protec tection tion GLI LIS, S, 7 June ne 2016 2016 Introduction Space Policies all around the globe put emphases on space services supporting growth, jobs, innovation and competitiveness. Technology

219 views • 10 slides
How Vembu BDR Suite ensures the data protection for your Modern Data Centers? www.vembu.com

How Vembu BDR Suite ensures the data protection for your Modern Data Centers? www.vembu.com

How Vembu BDR Suite ensures the data protection for your Modern Data Centers? www.vembu.com Vembu Technologies Founded in 2002 Headquartered in Chennai 10+ Years of Experience 100+ Countries 4000+ Partners 60000+ Businesses TRUSTED BY OVER

350 views • 16 slides
The GDPR and the Data Protection Act 2018 Robin Hopkins Robin Hopkins 4 October 2017 GDPR: an

The GDPR and the Data Protection Act 2018 Robin Hopkins Robin Hopkins 4 October 2017 GDPR: an

The new data protection regime: The GDPR and the Data Protection Act 2018 Robin Hopkins Robin Hopkins 4 October 2017 GDPR: an introduction The problem: Processing of personal data ramps up with technology 1990s legislation

379 views • 17 slides
The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data

The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data

The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data Protection regulations across Europe Current regulations & guidance European Directives 95/46/EC (Data Protection) and 2002/58/EC

440 views • 19 slides

More recommend