Data Protection Annual Report 2000/2001

Similar documents
Wesley House data protection statement and privacy notice (short-course delegates)

KING S COLLEGE, CAMBRIDGE

THE BERKSHIRE ARCHERY COACHING GROUP PRIVACY NOTICE

BCS Higher Education Qualifications. Diploma in IT. Professional Issues in Information Systems Practice Syllabus

Programme Specification

Complaints and Compliments Policy. Date Approved: 28 September Approved By: Governing Body. Ownership: Corporate Development

Briefing Session on CPD Requirements. Date : 10 September 2013 Time : 12:30pm to 1:30pm CPD hour : 1 hour Speakers : Phoebe Wong

Communications Strategy

Audit Report. Chartered Management Institute (CMI)

Privacy Policy. England Athletics Limited commitment to Privacy. Introduction. The information we collect about you. The information provided to us

GDPR Compliance. Clauses

Data Protection policy (GDPR)

INFORMATION SYSTEMS EXAMINATIONS BOARD

CERTIFICATE IN LUXEMBOURG COMPANY SECRETARIAL & GOVERNANCE PRACTICE

Financial Planning Institute of Southern Africa SETTING THE STANDARD. Continuous Professional Development (Cpd) Policy

Motorola Mobility Binding Corporate Rules (BCRs)

Master of Accounting (CPA Program)* Master of Advanced Professional Accounting

In this policy, whenever you see the words we, us, our, it refers to Ashby Concert Band Registered Charity Number

Continuing Professional Development Program Guidelines

Care Recruitment Matters Limited Privacy Notice

Data Protection. Privacy Policy. Equestrian Training South West

Post-accreditation monitoring report: British Computer Society (BCS) September 2006 QCA/06/2926

BCS Higher Education Qualifications. Level 6 Computer Services Management

UUEAS Privacy policy - Members

NCG Carlisle College Privacy Statement

CONTINUING PROFESSIONAL DEVELOPMENT RULES

DATES, COSTS AND LOCATIONS FOR 2015 (PUBLIC COURSES IN DATA PROTECTION, FOI AND INFORMATION SECURITY MANAGEMENT)

BIID CPD Providers Directory Handbook Version 2.8 (last updated 06/12/2016)

UNIFORM STANDARDS FOR PLT COURSES AND PROVIDERS

Unclassified. Date Monday 24 September Business Continuity Plan Review - Mission Critical Activities

INFORMATION TECHNOLOGY SECURITY POLICY

Castle View Primary School Data Protection Policy

Privacy Notice. General Information Protection Regulation ( GDPR )

CHASE GRAMMAR SCHOOL PRIVACY STATEMENT General Data Protection Regulations (GDPR)

Protecting your Privacy Winchester Cathedral Privacy Notice

Updated Frequently Asked Questions (FAQ) on Revision of ZICA Accountancy Programme

Master of Accounting (CPA Extension) Master of Advanced Professional Accounting. Information and Enrolment Session

Information and Enrolment Session

Privacy Policy Inhouse Manager Ltd

DCU Guide to Subject Access Requests. Under Irish Data Protection Legislation

Speakers: John Kalohn (moderator) Vice President FINRA Testing and Continuing Education

SCHEME OF DELEGATION (Based on the model produced to the National Governors Association)

Qualification Specification

Canadian Anti-Spam Legislation (CASL)

Clubs template privacy notice wording

LCCI Information Manual For the academic year 2017/18

INFORMATION SYSTEMS EXAMINATIONS BOARD

Proving your identity and ownership of a property

Access Rights and Responsibilities. A guide for Individuals and Organisations

Action Plan Developed by Institute of Public Accountants (IPA) BACKGROUND NOTE ON ACTION PLANS

PROGRAMME SUMMARY You are required to take eight core modules in terms one and two as outlined in the module list.

Guardian Electrical Compliance Ltd DATA PROTECTION GDPR REGULATIONS POLICY

Data Protection Policy

BCS Professional Certification

Calne Without Parish Council. IT Strategy

BRITISH LIBRARY COMPLAINTS POLICY

Client Services Procedure Manual

Privacy Policy. 1. Introduction and Purpose. 2. What we do not do. 3. How we use your information

CERTIFICATION BODY (CB) APPROVAL REQUIREMENTS FOR THE IFFO RESPONSIBLE SUPPLY (IFFO RS) AUDITS AND CERTIFICATION

BODY CORPORATE REGISTRATION Application form

CISI - International Introduction to Securities & Investment Study Support Training EUROPE MIDDLE EAST & NORTH AFRICA ASIA

Cardiff University Security & Portering Services (SECTY) CCTV Code of Practice

JOB INFORMATION: EXAMINATIONS ADMINISTRATOR

REGISTRATION GUIDE Term

2.1 The type of personal information that auda collects about you depends on the type of dealings you have with us. For example, if you:

National Council for Special Education. NCSE Support Service Advisor Job Description and General Notes

1.3 Please follow the links below for further information. Where relevant, we have made a distinction between different categories of data subjects:

GOSFORTH ACADEMY AND GOSFORTH JUNIOR HIGH ACADEMY EXAM POLICY

Exclusive Fast Track Opportunity for CEng Professionals - Gain a recognised Level 5 Diploma in Management and Leadership Qualification

Whiteinch and Scotstoun Housing Association and WS Property Management Ltd. Privacy Policy

Meadowhead School Academy Trust Examinations Policy

Appendix 2. Level 4 TRIZ Specialists Certification Regulations (Certified TRIZ Specialist) Approved for use by MATRIZ Presidium on March 21, 2013

HSCIC Audit of Data Sharing Activities:

Working with investment professionals

Shavington Academy Exams Policy

Privacy Notice. Lonsdale & Marsh Privacy Notice Version July

Decision 206/2010 Mr Ian Benson and the University of Glasgow

Maitri Studio GDPR Compliance Policy

Data protection. A brief guide to notification

Data protection register your organisation

Hertfordshire Natural History Society

The Role of the Data Protection Officer

CUSTOMER COMMENTS, SUGGESTIONS AND COMPLAINTS POLICY

LONDON BOROUGH OF CAMDEN

General Data Protection Regulations Privacy Policy

2018 IFE Qualifications - Frequently Asked Questions (FAQs)

Initial CITP and CSci (partial fulfilment). *Confirmation of full accreditation will be sought in 2020.

sportscotland Clubs template privacy notice wording

THE DATA PROTECTION ACT (1998) AND YOUR CLUB/COUNTY ASSOCIATION

Procedures for responding to requests for personal data to support Data Protection Policy

SCHOOL SUPPLIERS. What schools should be asking!

DATA PROTECTION & PRIVACY POLICY

Data Protection Policy

Vocational Qualifications (QCF, NVQ, NQF) Business Skills Level 1-3. OCR Report to Centres

GDPR SUBJECT ACCESS REQUESTS PROCEDURE

Programme Specification Title of Programme: HNC in Computing and Systems Development with Cisco CCENT

Data Protection and GDPR

Retention & Archiving Policy

Privacy Notice Supporters (Sponsors, Donors, Alumni, Trust and Businesses)

Regulatory Notice 14-39

Transcription:

Data Protection Annual Report 2000/2001 The year has been a busy one for the University s Data Protection Officer and Data Protection Administrator. Working within UWB Subject Access Requests The DP Officer and Administrator dealt with many data protection related queries both from official bodies and members of the public. Police Enquiries were frequent and ranged from enquiries on serious crimes to lost property. Enquiries also came from landlords chasing tenants who d left without paying, alumnus looking for long lost friends, parents who had not heard from their student daughter or son for weeks, financial houses looking for defaulters and solicitors involved in various forms of litigation. Two internal official subject access requests were dealt with and follow up correspondence with regard to one data subject instigated with relevant School. Both requests were with regard to outstanding issues that the data subjects had with their departments which had not been satisfied through the conventional route of talking to Head of School. These requests, although time consuming and involving both central administration departments and relevant Schools, were completed within the 40 day limitation set out under the Data Protection Act 1998. Data Protection Seminars During February/March 2001 five data protection seminars were held for Bangor-based UWB staff. The same presentation was also delivered at St Asaph (CLD office) and twice at Wrexham (School of Nursing/Radiography). In all some 220 UWB staff members were trained in data protection issues. The feed back from the seminars was very positive and staff found the information relevant to workplace scenarios. Data Protection Representatives A network of Data Protection Representatives was set up at UWB during the academic year 2000/2001. The network was established as a result of a request by the DP Officer to the Data Protection Working Group for a named contact in each School/Department for data protection issues. The first meeting of the UWB Data Protection Representatives was held in March 2001. This proved to be a useful exercise both from the Data Protection Officer and the reps point of view. At present some 70 per cent of Departments have data protection reps. It is hoped that this will rise to almost 1

100 per cent over the next few months. The overall view expressed was that those who attended were pleased to have a forum within UWB to raise DP issues and to talk amongst themselves about problems, many of which were common to all reps. It is intended that these meetings be held once a semester, unless the need arises to have more frequent meetings. UWB Data Protection Handbook All staff in post in July/August 2000 were given a copy of the UWB Data Protection Handbook. In addition Personnel Services were given additional copies of the Handbook to give to all new staff appointed after that time. Data Protection and Students Most students registering in September 2000 were handed a notice giving information on data protection within UWB including the UWB Data Protection Web address. Information was also given on the kinds of personal data UWB process and for what purposes. CCTV Guidance on general data protection implications and signage was given to the Estates Department on the new CCTV system. Procedures were agreed to tie in with the general UWB DP policy. Signage for all CCTV Zones was organised, in compliance with the Information Commissioner's Code of Practice on CCTV. A subject access request procedure was suggested to tie in with existing practices. Talks for Schools and Departments Student Services asked the Data Protection Officer to spend time with them at their usual monthly staff meeting. It was a round the table discussion of areas which they were particularly concerned with. Particularly the protocol with regard to the administration of student loans and communication from worried relatives. Payroll staff at Cae Derwen were briefed as to their specific obligations with regard to the Act. The Data Protection Officer was invited to give a presentation to senior managers in Estates. The aim of the presentation was to give them a short overview of the DP Act and to then highlight any specifically relevant areas of the legislation for them. Pensions The University s Pensions Administrator asked for guidance with regard to the data protection implications of administering the pensions fund. Following consultation with the Data Protection Officer a letter on the implications of the Data Protection Act 1998 as it relates to pensions information was sent to all 2

members of the University Pension Scheme with their yearly pensions benefit statement. Bangor Association of University Teachers (BAUT) The Director of Personnel was asked by the BAUT (one of the University s campus unions) to share with them details of staff members who would be eligible to join the union. After discussion with the Data Protection Officer, and having taken legal advice it was decided that this would not be appropriate under the Data Protection Act as the consent of those eligible staff members for this type of disclosure had not been sought at the time they were employed. UWB Data Protection Web Pages The Data Protection Officer has developed UWB s Data Protection Web Pages in the last year. The web pages can be found at: www.bangor.ac.uk/dataprotection Information can now be found on general data protection issues, how to make a subject access request, how to contact the data protection team, how to check UWB s data protection notification and how to make a complaint. The pages were produced bilingually and the Welsh language version can be found at: www.bangor.ac.uk/gwarchoddata UWB Web-based Directory The Data Protection Officer gave advice to the Admin Computing Steering Committee on the data protection considerations of making UWB s directory available from outside UWB. UWB s Notification with the Information Commissioner The Data Protection Act 1998 changed the system whereby organisations registered what they were processing with the Information Commissioner. From being a renewable every three years registration it became renewable every year. In December 2000 the Data Protection Officer reviewed and renewed the University s notification with the Commissioner. Working with Outside Organisations Gwynedd Council The Data Protection Officer was asked by Gwynedd Council to assist them in training their staff in Data Protection. A whole day was set aside in March 2001 for this. The day was split into two, with a Welsh language session in the 3

morning and an English language session in the afternoon. Over the course of the day some 120 staff members were trained. Gwynedd Council Senior Training Officer and the County Solicitor were in attendance and the feedback was very positive. Loughborough University Data Protection Seminar The Data Protection Officer was invited to present a paper at the Data Protection in Higher Education Conference at the University of Loughborough. The presentation focused on Bangor's efforts to become data protection compliant, and the way in which this has been achieved. The presentation was warmly received by the audience of mainly DP Officers from the HE sector. The audience also included some prominent data protection specialists from Loughborough University who have a large Information Science department specialising in both data protection and copyright. Gregynog Colloquium The Data Protection Officer was invited to present a paper on the implications of the new Data Protection Act at the annual Gregynog Colloquium. The paper was part of an afternoon of legal matters including discussion on the Human Rights Act and the RIP Act. WHISD Presentation The Data Protection Officer was invited to hold a morning s data protection training session for members of the WHISD (Wales Higher Education Information Services Staff Training Committee). The presentation was held at the University of Glamorgan and feedback was extremely positive. National Library of Wales The Data Protection Officer conducted a full day s training on data protection in both English and Welsh at the National Library of Wales, Aberystwyth in July. It was agreed that the National Library will assist the Data Protection Officer in records management issues relating to the Freedom of Information Act as a reciprocal visit. Staff Development Courses/Conferences Attended The Data Protection Officer and Data Protection Administrator attended a Human Rights briefing arranged by the University of Wales, Bangor. This proved extremely useful in putting the HR Act into context with the Data Protection Act and the forthcoming Freedom of Information Act 2000. The Data Protection Officer and Data Protection Administrator attended the Keep IT Legal Data Protection Officers Annual Conference in Nottingham. 4

It was a full day of speakers, with topics ranging from the Regulation of Investigatory Powers Act 2000 (RIP Act) through to the proposed Code of Practice for employer/employee relationships which the Information Commissioner is currently working on. This will have some significant impact on UWB and discussions have been taking place with the Director of Personnel Services. The Data Protection Officer attended a one day course at the British Standards Institute in London on Data Protection Auditing. The Data Protection Officer attended the Privacy Laws & Business Conference in Cambridge. This three day conference focused both on Data Protection issues in the UK and internationally, but also on the Freedom of Information Act 2000, the Regulation of Investigatory Powers Act 2000 and the Human Rights Act 1998. Valuable contacts were made both in the Higher Education area and generally in public authorities. The Data Protection Officer and Data Protection Administrator attended a one day Records Management Seminar run by the Society of Archivists. This was in order to begin focusing on both the records management requirement within the Data Protection Act 1998, but also the Freedom of Information Act 2000. The Data Protection Officer and Data Protection Administrator attended the National Association of Data Protection Officers Annual Conference in Coventry. Although mainly a local government Association membership from Higher Education is steadily growing and valuable information was gained on both Data Protection and Freedom of Information Issues. The Data Protection Officer and Data Protection Administrator attended a Freedom of Information Act 2000 briefing held by Rosemary Jay, Solicitor, where a grounding in the Act was obtained. Information Systems Examinations Board (ISEB) Certificate in Data Protection During the course of the academic year the Data Protection Officer followed a course run by Masons Solicitors in London leading to the Information Systems Examinations Board (ISEB) Certificate in Data Protection. The Data Protection Officer was awarded the ISEB s Certificate in Data Protection on 25 th May 2001. Freedom of Information In November 2000 the Freedom of Information Act became law in the United Kingdom. The Act will have an impact on any listed public body with exemptions only for the Special Forces and GCHQ. Full implementation will not be until around 2005, but it is envisaged that certain provisions will be in 5

force earlier than this. A sector by sector rolling programme of implementation has been suggested by the FOI Unit at the Home Office. Aims and Objectives for the year ahead Data Protection To carry out a Data Protection Audit throughout the University To continue to offer data protection training in both Welsh and English to those relevant staff members To ensure continued awareness of the Act for both Data Protection Officer and Data Protection Administrator To increase student awareness of data protection To increase Data Protection Representatives to all Schools and Departments To ensure that those graduating in 2002 will be allowed to opt out of having their degree results printed or put up publicly In conjunction with colleagues in other Welsh HEI s to set up a network of Welsh Data Protection Officers for consultation and exchange of ideas Data Protection Administrator will begin studying for the ISEB Data Protection Qualification To review and renew the University s Data Protection notification with the Information Commissioner To review the need for separate notifications for wholly owned UWB companies. To revise and update UWB s Data Protection Handbook. To revise and update UWB s Data Protection web pages. Freedom of Information To research into Freedom of Information in preparation for implementation To start raising awareness of the University s obligations with relevant senior staff To raise awareness of the Act with Data Protection Officer in first instance In conjunction with the Open University s DP Officer to continue involvement with setting up a FOI Higher Education Focus Group. Gwenan Owen Data Protection Officer August 2001 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback