Joint meeting of the ACA and the APL Data Protection: The Actuarys - - PowerPoint PPT Presentation

joint meeting of
SMART_READER_LITE
LIVE PREVIEW

Joint meeting of the ACA and the APL Data Protection: The Actuarys - - PowerPoint PPT Presentation

Apr 03, 2023 33 likes •166 views

Joint meeting of the ACA and the APL Data Protection: The Actuarys Stressometer Stephen Rees FIA 22 February 2018 Commercial in Confidence 1 1980s OECD Legislation 1980: OECD recommends Many countries make 7 principles on data privacy

slide-1
SLIDE 1

1 Commercial in Confidence

Data Protection: The Actuary’s Stressometer Joint meeting of the ACA and the APL

Stephen Rees FIA

22 February 2018

slide-2
SLIDE 2

2 Commercial in Confidence

1980s

OECD EC Legislation DPA

1980: OECD recommends 7 principles on data privacy Many countries make legislation European Commission subsequently feels that different approaches impede free flow of data UK brings in Data Protection Act 1984

slide-3
SLIDE 3

3 Commercial in Confidence

1990s

EC produces 1995 Data Protection Directive Member states have to introduce national law by end of 1998 UK brings in Data Protection Act 1998 Comes into force in March 2000 Recognised as being complex Trustees are Data Controllers; everyone else is a Data Processor Trustees issue Fair Processing / Privacy Notices Everyone carries on mostly unchanged

slide-4
SLIDE 4

4 Commercial in Confidence

2000s

Not much happens In late 2000s European Commission worries (again) about divergent practices in different member states Issues emerging on:

  • complexity of data use
  • change in scale of IT
  • globalisation
  • public v private
slide-5
SLIDE 5

5 Commercial in Confidence

2010-2015

EC Working Party publishes “Opinion” on interpretation

  • f Data Controller and Data Processor

Possibility of “pluralistic control”

2010

Information Commissioner’s Office publishes guidance (updated in 2014) Includes: “Responsibility also lies with the professional services provider itself because it determines what information to obtain and process in order to do the work and because it is answerable itself for the content”

2012

slide-6
SLIDE 6

6 Commercial in Confidence

2010-2015 IFoA announces warning

Includes: A professional services provider “…could be deemed to be a joint data controller with his

  • r her client where that party is providing a highly

specialised professional service…” IFoA assumes that firms will take their own advice and conduct their own analysis, but promises to issue guidance to Scheme Actuaries

slide-7
SLIDE 7

7 Commercial in Confidence

2010-2015

IFoA obtains legal advice

Includes confirmation that actuaries are Specialist Service Providers

2013/14

IFoA issues non- mandatory guidance to Scheme Actuaries

Includes: “Scheme Actuaries… are likely to be treated as data controllers”

1 August 2014

IFoA talks to the ICO

ICO says that actuaries are likely to be Data Controllers and that Scheme Actuaries might be joint Data Controllers with their firm and with their client

2013/14

slide-8
SLIDE 8

8 Commercial in Confidence

2010-2015

Firms amend contracts Fair Processing/ Privacy notices updated Everyone registers with ICO Some element

  • f documenting

relationships between Scheme Actuaries and firms Scheme Actuaries amend appointment letters

slide-9
SLIDE 9

9 Commercial in Confidence

2016-2017

EC publishes Data Protection Directive and GDPR UK produces another Data Protection Act Implementation by 25 May 2018 Principles mostly the same New “Accountability” Principle – more records of evidence and compliance New levels of enforcement and sanctions!

slide-10
SLIDE 10

10 Commercial in Confidence

2018

Staff training Amendments to Fair Processing / Privacy Notices Deletion of old data Amendments to contracts, Scheme Actuary appointment letters and internal commitments More careful recording

  • f issues

Faster reporting

  • f any breaches

Different approach to governance? Lots more documentation

  • f internal processes

Care with data security (especially during transfer)

X

slide-11
SLIDE 11

11 Commercial in Confidence

Will the dial stay on red?

slide-12
SLIDE 12

12 Commercial in Confidence

Thank you

slide-13
SLIDE 13

13 Commercial in Confidence

PN18009

Capita Employee Benefits

65 Gresham Street, London EC2V 7NQ T 020 7709 4500 F 020 7709 4501

Regulatory Statement

  • The information contained within this presentation does not constitute financial advice.
  • The information provided is based on our understanding of current law and taxation as at 22 February 2018.
  • HMRC policy, practice, and legislation may change in the future.

Capita Employee Benefits is a trading name of Capita Employee Benefits Limited and Capita Employee Benefits (Consulting) Limited. Part of Capita plc. www.capita.co.uk. Capita Employee Benefits Limited and Capita Employee Benefits (Consulting) Limited are registered in England & Wales No: 02260524 and 01860772 respectively. Registered Office: 17 Rochester Row, Westminster, London, SW1P 1QT. Separately authorised and regulated by the Financial Conduct Authority.