Key Points from The Information Commissioner's Office Professional Development Event
Explore discussions around GDPR, Data Protection Act 2018, manifestly unfounded breach notifications, right to erasure, rectification, and more from the NPCC event held on June 19, 2018. Understand the relationship between GDPR and Data Protection Act 2018, along with guidance updates and FAQs provided by the ICO. Delve into topics like law enforcement processing, intelligence services processing, and frequently asked questions regarding the new legislation.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
The Information Commissioner s Office NPCC Professional Development Event 19 June 2018
Points of discussion - - - - - GDPR / Data Protection Act 2018 Guidance / FAQs Manifestly unfounded Breach Notification / Themes Right to erasure / Rectification
General Data Protection Regulation (GDPR) Data Protection Act 2018 How does the legislation fit together?
General Processing Law Enforcement Processing (Part 3) Data Protection Act 2018 Intelligence Services Processing (MI5, MI6, GCHQ) The Information Commissioner ICO Enforcement Preliminary, Supplementary and Final Provision, and Schedules
Guidance update and FAQs For the last two years, the ICO has been helping organisations prepare for the new law by producing guidance and targeted online resources: For organisations For the public
Frequently asked questions Am I a competent authority? Can we still share information with the Police? Do individuals still have the same rights under the new legislation? Does our processing fall under GDPR or Part 3 of the Act?
DPA 1998 Section 29(3) Disclosures made for the purposes of law enforcement permissive Exempt from the non disclosure provisions DPA 2018 Schedule 1 Part 2 (10) Schedule 2 Part 1 (2) Crime and Taxation: general Permissive gateway for disclosure Exempt from the GDPR provisions
Manifestly unfounded and excessive requests Excessive is likely to be of relevance to repetition or frequency Considered on a case by case basis Controller should record reasons for decision making
Breach notification A breach is more than just losing personal data Report to the relevant supervisory authority (ICO) without undue delay and within 72 hours Consider if individuals need to be notified
Breach Themes Most common breach is sending personal data to the wrong recipient Increase in reported cyber security incidents Enforcement action taken against three police forces in 2018 CPS
Right to erasure Individual rights What police forces need to consider Reflections on how this is working in practice
Right to rectification What the law requires How to make this work in practice
Keep in touch PJS@ico.org.uk @iconews Subscribe to our e-newsletter at ico.org.uk
