Data Protection for SDS Employers Alison Johnston Lead

Data Protection for SDS Employers Alison Johnston Lead Policy Officer (Scotland) Information Commissioners Office The Strands of Data Protection Law Key Definitions Data Controller the organisation that makes the

decisions Data Processor an organisation instructed to process personal data on behalf of a Data Controller Data Processing anything which a Data Controller does with personal data, including storing it Data Breach anything that happens to personal data which shouldnt Data Subject an individual identifiable from the personal data that you hold on them

The Accountability Principle The controller shall be responsible for, and be able to demonstrate compliance What is Personal

Data? Personal Data is Any information relating, directly or indirectly, to an identified or identifiable natural person Not all data is the same

Personal Data isnt Always Obvious! Recorded data Electronic Processed by automated equipment

Manual Notes which will be automated Filing systems

Official records Public authorities Who is responsible?

Data controllers Data processors I must get consent to process personal data under GDPR TRUE

FALSE Consent is just one of the lawful basis for processing personal data Conditions for processing Personal data Special category data

Explicit consent Employment, social security, social protection law Vital interests

Not for profit religious, political or trade union bodies Put in public domain by the person Legal proceedings/advice Substantial public interest based on law Health, medical, social care Public health Archiving, research, statistical

Additional conditions are in the new UK Data Protection Act 2018 Consent Contract with the individual Comply with a legal obligation Protecting vital interests Public function in the public interest

Exercise of official authority Legitimate interests of the data controller, but not prejudicial to the person Lawful Basis Tool To be Informed Access

Accuracy/ Rectification Erasure Restrict Processing Object Data Portability Data Sharing

Data Processing Data Breaches Report to the ICO if it is likely to result in a risk to the rights and freedoms of individuals Without undue delay; No later than 72 hours. Will need to provide specific details including: nature of data involved;

contact point details; measures taken as a result of the breach May need to notify individuals affected Data Breach Guidance Useful Links Guide to the GDPR ICO Resources and Support

Self Assessment Toolkit ICO Guidance Keep in touch ICO Scotland 45 Melville Street Edinburgh EH3 7HL T: 0330 123 1115 E: [email protected] Subscribe to our e-newsletter at or find us on


Recently Viewed Presentations

  • Social Darwinism vs. Social Gospel

    Social Darwinism vs. Social Gospel

    Social Darwinism vs. Social Gospel Notes & Venn Diagram ... to the poor Social Darwinism or Social Gospel? base their beliefs on theories of evolution developed by British naturalist Charles Darwin who said that the weaker in society are naturally...
  • Chapter 3 Effects of IT on Strategy and Competition

    Chapter 3 Effects of IT on Strategy and Competition

    Specifically, perform a preliminary SWOT analysis comparing Apple's website with other high-quality websites you have visited. Students should asses all aspects of the website, including ease of use, content, interactivity, and how different products are connected to each other via...
  • Sentence Combining - California State University, Northridge

    Sentence Combining - California State University, Northridge

    While Kim likes meat, Tom prefers salads. If the dependent clause follows the independent clause, don't use a comma. Kim likes meat while Tom prefers salads. Younger people can protect their health by eating more lean beef, skinless chicken, broiled...
  • PowerPoint Presentation

    PowerPoint Presentation

    Systematics BIOL 1407 What is Systematics? Comparative study of biological diversity Intent: Determine evolutionary relationships Photo Credit of 1st Tree of Life: Charles Darwin, 1837, courtesy of Wikimedia Commons Cladistics Method used today by most biologists and paleontologists Clades Groups...
  • Arrival in Canada Part 2 - Ms. Dow, OKM Secondary

    Arrival in Canada Part 2 - Ms. Dow, OKM Secondary

    Mercantilism = raw materials brought to France, final product created in France then sold around Europe. Eg. Beaver pelts . brought from New France and made into hats in France then sold around Europe. Also established . industry - a...
  • Sarbanes-Oxley Compliance Act - Muhariefeffendi's Website

    Sarbanes-Oxley Compliance Act - Muhariefeffendi's Website

    SOX Compliance Review Processes Initial Compliance Planning and SOX Management Plan Initial Internal Audit Review for Compliance Initial External Audit Review for Compliance Annual Reviews (Section 404) Quarterly Reviews (Section 302) On-going Real-time Reviews Significant Sections of SOX Section 302:...
  • Macbeth - Mrs. Croswell's Classroom

    Macbeth - Mrs. Croswell's Classroom

    Deception/betrayal. Manliness. Guilt. Ambition. Corruption. THEME. Topic + Insight " Shakespeare's play . Macbeth. shows that . . . " (what is the lesson about one of the previous topics) Assignment. You will write an analysis essay explaining one of...
  • Outreach - MESH-MN

    Outreach - MESH-MN

    Heading Home Minnesota. By 2011, all areas of MN will be covered by a county or regional plan to end homelessness. State has expanded plan to end ALL homelessness. Federal Plan created in 2010. CoC—comprehensive elements to end homelessness.