This short presentation explains the principles of protecting data' As you look at the slides think

1
Data Protection and You

• This short presentation explains the principles
  of protecting data. As you look at the slides
  think of you as a data subject in the big wide
  world, you as a data subject of Mersey Care and
  service users as data subjects of our information
  systems.

How did you get my address?
The show ends with details of how to stop
unwanted telephone calls, faxes, mail shots and
silent (cold) calls. Thanks to East Sussex for
the original design idea covering the
principles. Steve Brewster, eGovernance Manager,
Mersey Care NHS Trust When you finish with a page
just click!
2
Principle 1Processed fairly and lawfully only
with a legitimate basis

• There should be no surprises, so inform data
  subjects why you are collecting their
  information, what you are going to do with it and
  who you may share it with...

e.g. when formulating a research project,
remember to be open and transparent about
what you will be doing with the information
3
Principle 2Processed only for specified lawful
purposes/no incompatible processing

• Only use the information for the authorised
  purpose(s) stated
• Look out for tick boxes often hidden at the
  bottom of forms !!

Please tick if you do not wish your details to be
used for internal promotions or passed to our
parent companies
Please tick if you do not wish to receive
information about products and services from
carefully selected companies
4
Principle 3Adequate, relevant and not excessive

• Only collect and keep the information you
  require
• Do not keep just in case it might be useful one
  day !

e.g. taking both daytime and evening telephone
number if you know you will only call in the day
5
Principle 4Accurate and kept up-to-date
I wonder if anything has changed???

• Are you sure your information is up to date?
• Take care inputting data
• Do you have mechanisms for checking your
  information is accurate?

1950
e.g. are service users asked to confirm
that their details are correct - address,
telephone number etc.
6
Principle 5Not kept for longer than is necessary
Can I dispose of this now?

• Follow advised Retention periods
• NHS Code of Practice Records Management (Part
  2) If you follow the link, click
• Back, then Open, to return to this page)
• Ensure regular housekeeping/spring cleaning
• Do not keep just in case it might be useful one
  day !

7
Principle 6Processed in accordance with data
subjects rights

• Subject access
• Prevention of processing
• Processing for direct marketing
• an end to junk mail faxes!
• Automated decision taking
• Compensation
• Rectification/blocking/erasure
• Request an assessment

Individual
Rights
8
Principle 7 Protected by appropriate security
(Practical)

• E.g.
• Keep your password(s) secret
• Always keep confidential papers in a locked
  cabinet clear desk policy?
• Ensure confidential telephone conversations
  cannot be overheard
• Ensure secure route for
• confidential faxes (Safe Haven)

9
Principle 7 Protected by appropriate security
(Organisational)

• An organisation needs ...
• Good data management practices
• Guidelines on IT security
• Staff training
• Confidentiality clause in employment contracts
• Procedure for access to personal data
• Confidentiality contracts with third parties e.g.
  archiving companies, cleaners, confidential waste

10
Principle 8Not transferred outside the European
Economic Area (EEA) without adequate protection

• Be careful about Websites
• e.g. if putting personal information data on a
  website, gain consent from the person first
• Where is your support service operator based ??
• if outside the EEA is your information
  adequately protected??

11
For further information ...

• Caldicott Guardian Dr David Fearnley
• Data Protection Officer Steve Brewster
• Tel. 0151 471 2685
• Information Commissioners website
• www.ico.gov.uk
• Data Department of Constitutional Affairs
• www.dca.gov.uk/ccpd/dpsubleg.htm
• (If you follow the links, click Back, then Open,
  to return to this page)
• and finally.

12
For your information ...

• The Telephone / Fax / Mail Preference Services
  allows
• you to register your home phone number, fax and
  address
• details not to receive unsolicited sales and
  marketing
• calls.
• Address Telephone (or Fax or Mail) Preference
  Service DMA House 70 Margaret
  Street London W1W 8SS
• TPS Registration line - 0845 070 0707
• FPS Registration line - 0845 070 0702
• MPS Registration line - 0845 703 4599
• Email tps_at_dma.org.uk, fps_at_dma.org.uk,
  mps_at_dma.org.uk
• Web tpsonline, fpsonline, mpsonline (If you
  follow the link, click Back, then
• Open, to return to this page)

13
Cold Calling ...
Silent calls are caused by computerised dialling
equipment common in telesales. The equipment
often dials more numbers than there are call
centre operators available in the expectation
that some of the people being called will not be
home. This can leave you without an operator on
the end of the line, resulting in a "silent
call", which is annoying at best, but sometimes
distressing.
Please click here to stop them!
(If you follow the link, click Back, then Open,
to return to this page)
14
The End ? ? ?
Many Thanks
Press Esc to quit or close window