Data Protection for SDS Employers Alison Johnston Lead
Data Protection for SDS Employers Alison Johnston Lead Policy Officer (Scotland) Information Commissioners Office The Strands of Data Protection Law Key Definitions Data Controller the organisation that makes the
decisions Data Processor an organisation instructed to process personal data on behalf of a Data Controller Data Processing anything which a Data Controller does with personal data, including storing it Data Breach anything that happens to personal data which shouldnt Data Subject an individual identifiable from the personal data that you hold on them
The Accountability Principle The controller shall be responsible for, and be able to demonstrate compliance What is Personal
Data? Personal Data is Any information relating, directly or indirectly, to an identified or identifiable natural person Not all data is the same
Personal Data isnt Always Obvious! Recorded data Electronic Processed by automated equipment
Manual Notes which will be automated Filing systems
Official records Public authorities Who is responsible?
Data controllers Data processors I must get consent to process personal data under GDPR TRUE
FALSE Consent is just one of the lawful basis for processing personal data Conditions for processing Personal data Special category data
Explicit consent Employment, social security, social protection law Vital interests
Not for profit religious, political or trade union bodies Put in public domain by the person Legal proceedings/advice Substantial public interest based on law Health, medical, social care Public health Archiving, research, statistical
Additional conditions are in the new UK Data Protection Act 2018 Consent Contract with the individual Comply with a legal obligation Protecting vital interests Public function in the public interest
Exercise of official authority Legitimate interests of the data controller, but not prejudicial to the person Lawful Basis Tool To be Informed Access
Accuracy/ Rectification Erasure Restrict Processing Object Data Portability Data Sharing
Data Processing Data Breaches Report to the ICO if it is likely to result in a risk to the rights and freedoms of individuals Without undue delay; No later than 72 hours. Will need to provide specific details including: nature of data involved;
contact point details; measures taken as a result of the breach May need to notify individuals affected Data Breach Guidance Useful Links Guide to the GDPR ICO Resources and Support
Self Assessment Toolkit ICO Guidance Keep in touch ICO Scotland 45 Melville Street Edinburgh EH3 7HL T: 0330 123 1115 E: [email protected] Subscribe to our e-newsletter at www.ico.org.uk or find us on
Variabililty in Phase II Enzymes. N-acetyltransferase (NAT2) Cancer risk. Metabolism of isoniazide, caffeine, others. UDP-glucuronosyltransferase (UGT1A1*28) Gilbert's Syndrome. Metabolism of irinotecan. Thiopurinemethyltranferase (TPMT) Metabolism of 6-mercaptopurine and azathioprine
JC Maths syllabus changes in 2000, first examined in 2003. Results of PISA in 2000, 2003. Reviewing post-primary maths education. Discussion Paper in 2005 for consultation. Research Paper by Conway and Sloane. Report on the Consultation. Syllabus and Assessment.
National Committee for Quality Assurance (NCQA) implemented a national campaign to test every sexually active woman, 25 years and younger, for chlamydia NCQA baseline screening data (2003): 30% of women with commercial insurance 44% of women with Medicaid Loyola's Opportunity:...
Frank Sinatra, "Witchcraft" Let's pretend we're bunny rabbits Let's do it all night long Let abbots, Babbitts & Cabots Say Mother Nature's wrong.... Magnetic Fields, "Let's Pretend We're Bunny Rabbits" James Miller [email protected] Emily Alling [email protected] * *