wiki:GDPR

Version 21 (modified by Richard Bramley, 7 years ago) ( diff )

--

GDPR

Tags: Information_Governance_Category

Regulation

Latest Developments

Guidance

Work Requirements

Communicate with all Researchers

Documentation

Project / Data Stores

  • Lawful basis for processing
    • Consent
    • Contract with individual
    • Legal obligation
    • Vital interest (i.e., to protect someone's life)
    • Public task (as directed by legislation)
    • Legitimate interest
  • Safeguards
  • Informing the public
  • Anonymisation:
    • Anonymous
    • Pseudonymised
    • Identifiable
  • Data type:
    • Personal data
    • Special category data
  • Archives
  • Data retension timescales
  • Data source
  • Location of data
  • Outputs and data sharing

Transfers, Processors and Data Sharing

  • Organisations
  • Contracts
  • Anonymisation
  • Data type
  • Data processing agreements / Information sharing agreements
  • Length of agreement

Data Protection Impact Assessment

Policies / SOPs / Mitigation

Rights of Data Subject

  • Right to be informed
  • Right to access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Right to not be subject to automated decision-making, including profiling

Areas requiring Action

  • Public communication:
    • Web sites
    • posters
  • Withdrawal / Do not contact / erasure requests
  • Data breach notification
  • Data review meetings
  • Anonymisation / Pseudonymisation
  • Data transfer and encryption
  • Authentication
  • Request management:
    • Access
    • Recification
    • Erasure
    • Restrict processing
    • Data portability
    • Objections

Security

Error: Macro BackLinks(None) failed
'Environment' object has no attribute 'get_db_cnx'

Note: See TracWiki for help on using the wiki.