GDPR

Tags: Information_Governance_Category

Regulation

• ​EU Regulation
• ​Nicely Formatted

Latest Developments

• ​NHS Digital GDPR FAQ (Check Monthly)
• ​ICO - What's New (Check Monthy)

Guidance

• ​Write up (GP Sysytem)
• ​NHS Digital
• ​ICO - Certainly the best. A good starting point for creating policies and SOPs. Contains templates and checklists.
• ​ICO Big Data and Machine Learning guidance
• ​GDPR Webinar

Work Requirements

• ​ICO Checklist

Communicate with all Researchers

• ​ICO Overview - distribute?

Documentation

• ​ICO Documentation Guidance with templates and checklists

Project / Data Stores

• Grounds to process
  • Consent
• Safeguards
• Informing the public
• Anonymisation:
  • Anonymous
  • Pseudonymised
  • Identifiable
• Data type:
  • Personal data
  • Special category data
• Archives
• Data retension timescales
• Data source
• Location of data
• Outputs and data sharing

Transfers, Processors and Data Sharing

• Organisations
• Contracts
• Anonymisation
• Data type
• Data processing agreements / Information sharing agreements
• Length of agreement

Data Protection Impact Assessment

• ​ICO Data Protection Impact Assessment
• ​ICO Code of Practice - i.e., How to guide

Policies / SOPs / Mitigation

Rights of Data Subject

• Right to be informed
• Right to access
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object
• Right to not be subject to automated decision-making, including profiling

Areas requiring Action

• Public communication:
  • Web sites
  • posters
• Withdrawal / Do not contact / erasure requests
• Data breach notification
• Data review meetings
• Anonymisation / Pseudonymisation
• Data transfer and encryption
• Authentication
• Request management:
  • Access
  • Recification
  • Erasure
  • Restrict processing
  • Data portability
  • Objections

Security

• ​ICO Guidance (work in progress)

Error: Macro BackLinks(None) failed

'Environment' object has no attribute 'get_db_cnx'