ewan robson
play

Ewan Robson Director, IG Compliance ltd 1 Todays Training Look at - PowerPoint PPT Presentation

Dec 21, 2022 •158 likes •575 views

Data Protection Act 1998/General Data Protection Regulation 2016 Freedom of Information Act Ewan Robson Director, IG Compliance ltd 1 Todays Training Look at the History of the Data Protection Act/General Data Protection

  1. Data Protection Act 1998/General Data Protection Regulation 2016 Freedom of Information Act Ewan Robson Director, IG Compliance ltd 1

  2. Todays Training  Look at the History of the Data Protection Act/General Data Protection Regulation/Freedom of Information Act  Your Responsibilities  Analyse the Acts  ICO  Training Rules 2

  3. Data Protection Act General Data Protection Regulation  What do you know? 3

  4. Your Responsibilities  Have in place a Fair Processing • Have in place a Fair Processing Notice/Privacy Notice Notice/Privacy Notice  Have in place agreements for • Have in place agreements for sharing information with sharing information with partners? partners?  Have in place procedures for • Have in place procedures for responding to data protection responding to data protection subject access requests? subject access requests? 4

  5. Your Responsibilities (2)  Have in place an officer • Have in place an officer responsible for data protection responsible for data protection Tiered approach (1 st April 2018) •  Register with the Information • £55 Commissioners Office as required by the Data Protection Act? • Give members and officers  Give members and officers training on GDPR and training on data protection and information sharing and ensure information sharing and ensure that knowledge is kept up to that knowledge is kept up to date? date? 5

  6. Legal Definitions  (Data) Controller  a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.  (Data) Processor  in relation to personal data, means any person (other than an employee of the data controller) who processes the data on behalf of the data controller.  (Data) Subject  means an individual (Natural Person) who is the subject of personal data  The definition of personal data is data which relates to a living (natural person) individual who can be identified  from that data, or  from that data and other information which is in the possession of, or is likely to come into the possession of, the ( data ) controller 6

  7. Principle 1  DPA – Principle 1  Personal data shall be processed fairly and lawfully  GDPR – Article 5(1)(a)  Processed lawfully, fairly and in a transparent manner in relation to the data subject 7

  8. Principle 2  DPA – Principle 2  Personal data shall be obtained only for one or more specified and lawful purposes,  GDPR – Article 5(1)(b)  Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes 8

  9. Principle 3  DPA – Principle 3  Adequate, relevant and not excessive  GDPR – Article 5(1)(c)  Adequate, relevant and limited to what is necessary; 9

  10. Principle 4  DPA – Principle 4  Personal data shall be accurate and, where necessary, kept up to date  GDPR – Article 5(1)(d)  accurate and, where necessary, kept up to date; 10

  11. Principle 5  DPA – Principle 5  Personal data shall not be kept for longer than is necessary  GDPR – Article 5(1)(e)  kept in a form which permits identification of data subjects for no longer than is necessary 11

  12. Principle 6  DPA – Principle 6  Personal data shall be processed in accordance with the rights of data subjects  GDPR – Article 15 12

  13. Principle 7  DPA – Principle 7  Appropriate technical and organisational measures  GDPR – Article 5(1)(f)  processed in a manner that ensures appropriate security of the personal data 13

  14. Principle 8  DPA – Principle 8  Personal data shall not be transferred to a country or territory outside the European Economic Area  GDPR – Removed 14

  15. Data Subject Rights – Article 15  Given a description of the personal • Given a description of the personal data, data, the reasons it is being processed, the reasons it is being processed, and and whether it will be given to any whether it will be given to any other other organisations or people; organisations or people;  Given a copy of the information • Given a copy of the information comprising comprising the data; the data;  Apply in writing (form or Letter) • Apply in writing (form/Letter or verbal)  Name – Name  Address/contact details – Address/contact details  Fee if appropriate – No Fee  40 days to complete the request • 1 calendar month to complete the request  To communicate the information in an • To communicate the information in an intelligible form intelligible form  Rights to complain to the ICO • Rights to complain to the Regulatory Authority 15

  16. Data Protection Officer  Article 37 - Designation of the data protection officer  The controller and the processor shall designate a data protection officer in any case where:  (a) the processing is carried out by a public authority or body, except for courts acting in their judicial capacity; 16

  17. Data Protection Officer (2)  Article 38 - Position of the data protection officer  The controller and the processor shall ensure that the data protection officer is involved, properly and in a timely manner, in all issues which relate to the protection of personal data.  The controller and processor shall support the data protection officer in performing the tasks referred to in Article 39 by providing resources necessary to carry out those tasks and access to personal data and processing operations, and to maintain his or her expert knowledge.  The controller and processor shall ensure that the data protection officer does not receive any instructions regarding the exercise of those tasks. He or she shall not be dismissed or penalised by the controller or the processor for performing his tasks. The data protection officer shall directly report to the highest management level of the controller or the processor.  Data subjects may contact the data protection officer with regard to all issues related to processing of their personal data and to the exercise of their rights under this Regulation.  The data protection officer shall be bound by secrecy or confidentiality concerning the performance of his or her tasks, in accordance with Union or Member State law.  The data protection officer may fulfill other tasks and duties. The controller or processor shall ensure that any such tasks and duties do not result in a conflict of interests. 17

  18. Data Protection Officer (3)  Article 39 - Tasks of the data protection officer  The data protection officer shall have at least the following tasks:  (a) to inform and advise the controller or the processor and the employees who carry out processing of their obligations pursuant to this Regulation and to other Union or Member State data protection provisions;  (b) to monitor compliance with this Regulation, with other Union or Member State data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;  (c) to provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35;  (d) to cooperate with the supervisory authority;  (e) to act as the contact point for the supervisory authority on issues relating to processing, including the prior consultation referred to in Article 36, and to consult, where appropriate, with regard to any other matter.  2. The data protection officer shall in the performance of his or her tasks have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing. 18

  19. Who is the What do they What does ICO do that mean • Advice • Investigation • UK Independent • Fines Authority • Complaints • Enforcement notices • Decision notices 19

  20. GENERAL DATA PROTECTION REGULATION 20

  21. Why was the change needed  Aim to reinforce individuals rights in the digital age  Free flow of personal data in the digital market  To give citizens back control over their personal data  Simplify the regulatory environment for business  Applicable to all EU Member states 21

  22. Headline changes  A single set of rules throughout the EU  Privacy by Design  Mandatory Data Protection Officers for public authorities  Greater focus on obtaining explicit consent  Mandatory reporting of high risk incidents within 72 hours  Increase in sanctions (2-4% of turnover)  Right to be forgotten & Data Portability  Liabilities of Controller and Processor  Rights of the Data Subject 22

  23. Articles of Note Article 3: Territorial scope Article 4: Definitions Article 5: Principles relating to personal data processing Article 6: Lawfulness of processing Article 7: Conditions for consent Article 9: Processing of special categories of personal data 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A recent reversal of climatic trends in the North Atlantic Jon Robson j.i.robson@reading.ac.uk

A recent reversal of climatic trends in the North Atlantic Jon Robson j.i.robson@reading.ac.uk

A recent reversal of climatic trends in the North Atlantic Jon Robson j.i.robson@reading.ac.uk @JonIRobson Thanks to : Pablo Ortega and Rowan Sutton Motivation: Atlantic Multi-decadal Variability Robson et al, 2012 Substantial evidence that

681 views • 25 slides
Xen Summit 18 April, 2007 TJ Watson Research Center The Xen-API Ewan Mellor ewan@xensource.com

Xen Summit 18 April, 2007 TJ Watson Research Center The Xen-API Ewan Mellor ewan@xensource.com

Xen Summit 18 April, 2007 TJ Watson Research Center The Xen-API Ewan Mellor ewan@xensource.com Xen Management Architecture Cluster-wide Integration The aim is to integrate Xen-based systems with enterprise-level cluster management

213 views • 17 slides
Robby Robson John Costa Peter Berking Aaron Veden Kevin Havas Elliot Robson

Robby Robson John Costa Peter Berking Aaron Veden Kevin Havas Elliot Robson

Personalized eBooks for Learning PeBL PI Meeting 2018 Robby Robson John Costa Peter Berking Aaron Veden Kevin Havas Elliot Robson How eBooks Work Provides display, Software (free) Reader sensors (e.g. GPS),

417 views • 17 slides
AI Large Practical: Assignment 2 Ewan Klein School of Informatics Oct 29 2014 Ewan Klein

AI Large Practical: Assignment 2 Ewan Klein School of Informatics Oct 29 2014 Ewan Klein

AI Large Practical: Assignment 2 Ewan Klein School of Informatics Oct 29 2014 Ewan Klein (School of Informatics) AI Large Practical: Assignment 2 Oct 29 2014 1 / 18 Table of Contents 1 Assignment Overview 2 Burden of Proof 3 The Report Ewan

188 views • 18 slides
Xen Summit 8 September, 2006 Xen Management API and Control Stack Ewan Mellor

Xen Summit 8 September, 2006 Xen Management API and Control Stack Ewan Mellor

Xen Summit 8 September, 2006 Xen Management API and Control Stack Ewan Mellor ewan@xensource.com Xen Management Architecture Cluster-wide Integration The aim is to integrate Xen-based systems with enterprise-level cluster management

205 views • 19 slides
A Digital NHS Ewan Davis Consultant to NHS England 34 Years in NHS IT SME > Corporate

A Digital NHS Ewan Davis Consultant to NHS England 34 Years in NHS IT SME > Corporate

A Digital NHS Ewan Davis Consultant to NHS England 34 Years in NHS IT SME > Corporate Founder of HANDI Past Chair TechUK Healthcare Group Past Chair BCS Primary Health Care Group ewan.davis@nhs.net A Digital NHS - Agenda Some

510 views • 13 slides
AI Large Practical Ewan Klein School of Informatics Sept 17 2014 Ewan Klein (School of

AI Large Practical Ewan Klein School of Informatics Sept 17 2014 Ewan Klein (School of

AI Large Practical Ewan Klein School of Informatics Sept 17 2014 Ewan Klein (School of Informatics) AI Large Practical Sept 17 2014 1 / 15 AILP: Course Description The official descriptor is on-line:

185 views • 16 slides
Object-Oriented Programming Inheritance . . . . . Ewan Klein Inf1 :: 2008/09 . . . . .

Object-Oriented Programming Inheritance . . . . . Ewan Klein Inf1 :: 2008/09 . . . . .

. . Object-Oriented Programming Inheritance . . . . . Ewan Klein Inf1 :: 2008/09 . . . . . . Ewan Klein Object-Oriented ProgrammingInheritance . Inheritance and Polymorphism Chapters 7 9 of Head First Java . Central to whole

311 views • 13 slides
Ewan Baldry Juno Cars Winning Edge the difference is design Bentley Motors - 29 th April 2014

Ewan Baldry Juno Cars Winning Edge the difference is design Bentley Motors - 29 th April 2014

Ewan Baldry Juno Cars Winning Edge the difference is design Bentley Motors - 29 th April 2014 Company Background Established in 1999 by former Rolls-Royce/Bentley, TVR and Williams F1 Employee Ewan Baldry Design and Manufacture

431 views • 15 slides
On the Security of Tandem-DM Ewan Fleischmann, Michael Gorski, Stefan Lucks Bauhaus-University

On the Security of Tandem-DM Ewan Fleischmann, Michael Gorski, Stefan Lucks Bauhaus-University

Outline Introduction Security of Tandem-DM Concluding Remarks On the Security of Tandem-DM Ewan Fleischmann, Michael Gorski, Stefan Lucks Bauhaus-University Weimar February 23, 2009 Ewan Fleischmann, Michael Gorski, Stefan Lucks On the

771 views • 54 slides
VPL CENTRAL LIBRARY SQUARE - ROBSON ST & HOMER ST FRIDAY MAY 11 12:00-16:00 SATURDAY MAY 12

VPL CENTRAL LIBRARY SQUARE - ROBSON ST & HOMER ST FRIDAY MAY 11 12:00-16:00 SATURDAY MAY 12

VPL CENTRAL LIBRARY SQUARE - ROBSON ST & HOMER ST FRIDAY MAY 11 12:00-16:00 SATURDAY MAY 12 12:00-16:00 Sarah Labahn, Tadayori Nakao, Lily Raphael, Stella Zhou CONTEXT MAP City Scale Locate at the central-east side of downtown

362 views • 10 slides
Parallel Programming: The Road to HPC Prof. Michael Robson Name Preferred Name Introductions

Parallel Programming: The Road to HPC Prof. Michael Robson Name Preferred Name Introductions

Parallel Programming: The Road to HPC Prof. Michael Robson Name Preferred Name Introductions Pronoun (she/he/they) Interesting Fact / Hobby / Excited to Learn What and how should I parallelize? premature optimization is the root of all

548 views • 41 slides
The Surgical Management of RCC From Robson to Radiofrequency Ablation f q y Tony Finelli, MD,

The Surgical Management of RCC From Robson to Radiofrequency Ablation f q y Tony Finelli, MD,

The Surgical Management of RCC From Robson to Radiofrequency Ablation f q y Tony Finelli, MD, MSc, FRCSC University Health Network y University of Toronto Backgro nd Background Renal cell carcinoma (RCC) is 9 th most (RCC) is 9 most

1.13k views • 88 slides
Full Participation & Practical Accessibility Tools to be inclusive Ezekiel Robson, Vicki

Full Participation & Practical Accessibility Tools to be inclusive Ezekiel Robson, Vicki

Full Participation & Practical Accessibility Tools to be inclusive Ezekiel Robson, Vicki Terrell, Kaituitui, DPA Mireille Vreeburg, Auckland Facilitator, NZDSN People with disabilities Those who have long-term physical, mental,

495 views • 23 slides
ED ROBSON ARENA COMMUNITY MEETING #1 JANUARY 5, 2019 1 Agenda Welcome and Introductions

ED ROBSON ARENA COMMUNITY MEETING #1 JANUARY 5, 2019 1 Agenda Welcome and Introductions

ED ROBSON ARENA COMMUNITY MEETING #1 JANUARY 5, 2019 1 Agenda Welcome and Introductions Public Process Overview Project Goals and Objectives Entitlement Process and Preliminary Site Plan Transportation: Parking and Traffic

419 views • 40 slides
Robson E. De Grande Azzedine Boukerche PARADISE Laboratory SITE University of Ottawa

Robson E. De Grande Azzedine Boukerche PARADISE Laboratory SITE University of Ottawa

Robson E. De Grande Azzedine Boukerche PARADISE Laboratory SITE University of Ottawa September 2010 DS-RT 2011 . Introduction High Level Architecture Dynamic Load Balancing Related

831 views • 24 slides
GDPR (EU General Data Protection Regulation) ePrivacy Directive and Regulation CCPA

GDPR (EU General Data Protection Regulation) ePrivacy Directive and Regulation CCPA

HOW IS BUSINESS DEALING WITH THE GDPR AND CCPA? CURRENT AND EMERGING AREAS OF PRIVACY FOCUS GDPR (EU General Data Protection Regulation) ePrivacy Directive and Regulation CCPA (California Consumer Privacy Act) GDPR (EU) Effective

493 views • 4 slides
Heterogenous Resources for data processing Heterogenous Execution for CMSSW Concentrating

Heterogenous Resources for data processing Heterogenous Execution for CMSSW Concentrating

Heterogenous Resources for data processing Heterogenous Execution for CMSSW Concentrating on HCAL / ECAL Local Energy Reconstruction Current Calorimeters take 20-25% RECO time And both use the same algorithm -> fast NNLS 1 Template

328 views • 4 slides
Data reduction and processing tutorial Petr V. Konarev European Molecular Biology Laboratory,

Data reduction and processing tutorial Petr V. Konarev European Molecular Biology Laboratory,

17-24 October 2012 EMBO Course Data reduction and processing tutorial Petr V. Konarev European Molecular Biology Laboratory, Hamburg Outstation BioSAXS group 17-24 October 2012 EMBO Course EMBL BioSAXS beamline X33, 2012 Optics Vacuum

565 views • 37 slides
Data and Process Modelling 2. Information System Development Marco Montali KRDB Research Centre

Data and Process Modelling 2. Information System Development Marco Montali KRDB Research Centre

Data and Process Modelling 2. Information System Development Marco Montali KRDB Research Centre for Knowledge and Data Faculty of Computer Science Free University of Bozen-Bolzano A.Y. 2015/2016 Marco Montali (unibz) DPM - 2.IS Development

383 views • 25 slides
Accountability and Governance evidence To what extent can an agreed RMP act as evidence

Accountability and Governance evidence To what extent can an agreed RMP act as evidence

RMPs and GDPR Accountability and Governance evidence To what extent can an agreed RMP act as evidence of compliance with GDPR obligations around accountability and governance? Article 5(2) Accountability Principle The

362 views • 13 slides
Spac ace e and Da Data ta Protec tection tion GLI LIS, S, 7 June ne 2016 2016

Spac ace e and Da Data ta Protec tection tion GLI LIS, S, 7 June ne 2016 2016

Spac ace e and Da Data ta Protec tection tion GLI LIS, S, 7 June ne 2016 2016 Introduction Space Policies all around the globe put emphases on space services supporting growth, jobs, innovation and competitiveness. Technology

219 views • 10 slides
How Vembu BDR Suite ensures the data protection for your Modern Data Centers? www.vembu.com

How Vembu BDR Suite ensures the data protection for your Modern Data Centers? www.vembu.com

How Vembu BDR Suite ensures the data protection for your Modern Data Centers? www.vembu.com Vembu Technologies Founded in 2002 Headquartered in Chennai 10+ Years of Experience 100+ Countries 4000+ Partners 60000+ Businesses TRUSTED BY OVER

350 views • 16 slides
The GDPR and the Data Protection Act 2018 Robin Hopkins Robin Hopkins 4 October 2017 GDPR: an

The GDPR and the Data Protection Act 2018 Robin Hopkins Robin Hopkins 4 October 2017 GDPR: an

The new data protection regime: The GDPR and the Data Protection Act 2018 Robin Hopkins Robin Hopkins 4 October 2017 GDPR: an introduction The problem: Processing of personal data ramps up with technology 1990s legislation

379 views • 17 slides

More recommend