Data Protection and Freedom of Information: What they mean for you - PowerPoint PPT Presentation

1 / 13
About This Presentation
Title:

Data Protection and Freedom of Information: What they mean for you

Description:

Make sure someone can find your information in your absence ... directory or in the University diary, if she is provide her work email address ... – PowerPoint PPT presentation

Number of Views:25
Avg rating:3.0/5.0
Slides: 14
Provided by: susang54
Category:

less

Transcript and Presenter's Notes

Title: Data Protection and Freedom of Information: What they mean for you


1
Data Protection and Freedom of InformationWhat
they mean for you
  • Records Management Section
  • Academic Policy Unit

2
Case Study (1)
  • You receive an email from an external address -
  • Does Daisy Meadows work at the University of
    Edinburgh? Please give me her email and postal
    addresses.
  • Yours sincerely,
  • Prof. J.D. Jones
  • What will you do?

3
Protecting People data protection and you
  • Data Protection Act 1998
  • Personal data
  • Sensitive personal data
  • Notification
  • Data protection principles
  • Enforcement

4
Personal data
  • Personal data
  • Any information about an identifiable living
    individual, regardless of format. It could be
  • Processed automatically, e.g. electronic
    information on a computer or CCTV footage
  • Manual information in a relevant filing system,
    e.g. paper files kept in a structured filing
    system
  • Unstructured, e.g. disorganised notes

5
Sensitive personal data
  • Sensitive personal data
  • Racial or ethnic origins
  • Political opinions
  • Religious beliefs
  • Trade union membership
  • Physical or mental health
  • Sex life
  • Commission, or alleged commission, of any offence
  • Proceedings for any offence and outcomes

6
Data protection principles
  • Fair and lawful processing
  • No incompatible processing
  • Adequate, relevant and not excessive data
  • Accurate and up-to-date data
  • Data kept for no longer than necessary
  • Processed in accordance with the rights of the
    data subject
  • Security
  • No transfers outside the EEA

7
Rights of the data subject
  • Subject access requests
  • 10 fee
  • 40 calendar days to respond
  • Right to prevent processing
  • Right to have inaccurate data corrected or
    deleted
  • Right to opt out of direct marketing
  • http//www.dma.org.uk/content/Prf-Introduction.asp
  • Rights with regard to automated decision-making

8
Enforcement
  • Complain to UK Information Commissioner
  • University can be sued
  • Personal criminal offences
  • Destruction of information required for a subject
    access request
  • Unauthorised disclosure
  • Failure to comply with enforcement or information
    notice
  • Failure to notify

9
Access All Areas freedom of information and you
  • Freedom of Information (Scotland) Act 2002
  • Individual requests
  • 122 requests received in 2005
  • 92 requests received in 2006
  • Publication scheme
  • www.pubs.recordsmanagement.ed.ac.uk
  • Must publish in line with obligations
  • Must keep up-to-date
  • Records management
  • Offers business benefits too

10
Individual requests
  • Anyone, anywhere can ask for anything held by the
    University
  • Any question to any member of staff counts
  • They do not have to cite freedom of information
  • Includes information created by other
    organisations
  • Cannot ask why they want to know
  • Duty to provide advice and assistance
  • Maximum of 20 working days to respond
  • Must provide information or claim an exemption
  • Exemptions are narrowly drawn

11
Implications for staff
  • Any request for information must be answered
  • in 20 working days
  • In 40 calendar days if it is a subject access
    request
  • Follow the procedures to avoid complications
  • Keep a record of what you did
  • Contact your local practitioner
  • If in doubt or if refusing a request
  • When it is not in your remit to release this
    information
  • All documents e-mails may be open to scrutiny
  • Create clear and professional information and
    encourage use of Internet
  • Make sure someone can find your information in
    your absence
  • Preserve share key information and delete
    unnecessary information

12
Case Study Issues to Consider (2)
  • It is a freedom of information request
  • It asks for personal data
  • Professional vs. personal life
  • Is the information in the public domain?
  • What harm could result by disclosing the
    information?
  • What would Daisy expect?

13
Case Study What to do (3)
  • Refuse to confirm or deny that Daisy works at the
    University, but offer to forward an email or
    letter to her if she does
  • OR
  • Find out if Daisy is listed in the on-line staff
    directory or in the University diary, if she is
    provide her work email address

14
Advice and Assistance
  • Your local practitioner
  • http//www.recordsmanagement.ed.ac.uk/internal/pra
    ctitioners/PractitionersList.htm
  • The Records Management Section
  • recordsmanagement_at_ed.ac.uk
  • http//www.recordsmanagement.ed.ac.uk

15
Thank You
  • Anne Thompson
  • Deputy Records Manager
  • recordsmanagement_at_ed.ac.uk
  • 0131 651 4099
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Data Protection and Freedom of Information: What they mean for you" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!