Upload
brian-miller-solicitor
View
57
Download
1
Embed Size (px)
Citation preview
NEW TECHNOLOGIES, OLD DATA: WHAT ALL ORGANISATIONS NEED
TO KNOW
Brian Miller, Partner
Vicki Bowles, Barrister
Legislative framework - reminder
• Back to basics – key information:– Who is the data controller?– What personal data do you have?– Are you compliant with the principles?
Disclosure
• Comply with the first data protection principle:Personal data shall be processed fairly and lawfully, and in particular, shall not be processed unless-
– At least one of the conditions in Schedule 2 is met, and– In the case of sensitive personal data, at least one of the
conditions in Schedule 3 is also met.
Disclosure
• What is “fair”?– How was the information obtained?– What was the individual told about the
purposes of processing when the information was obtained?
Disclosure
• Schedule 2 conditions:– Para 1: consent– Para 2: contracts– Para 3: compliance with legal obligation– Para 4: protect vital interest of data subject– Para 6: Necessary for the legitimate interests
subject to unwarranted prejudice to rights and freedoms
BYOD
• Bring Your Own Device– Responsibility for breaches– Level of risk v resources
• No BYOD – low risk/not practical• You supply the device and control security settings
– medium risk/expensive• Access limited to certain components of system –
medium/high risk/more practical• Unlimited access – high risk
BYOD
• Have a policy in place:– Minimum levels of security required– Expectations re: downloads etc. if your device
• Training– Do your staff/volunteers understand what they
need to do to secure their device?– Make your requirements clear
Social Media
• Areas of risk:– Use by your organisation– Use by your employees/volunteers outside of
work– Comments made about your organisation
Social Media
• Use by you:– Dedicate necessary resources – reputation– Be clear on what is and is not acceptable– “Chain of command” for authorisation
• Use by employees/volunteers:– Same as BYOD – policy and training– Important to protect reputation– WWTDMT?
Attributions
Slide 1 Some rights reserved by Symo0
Slide 2 Some rights reserved by giulia.forsythe
Slide 3 Some rights reserved by IntelFreePress
Slide 4 Some rights reserved by MichaelMKenny
Slide 5 Some rights reserved by Mista Bob
Slide 6 Some rights reserved by jk5854
Slide 7 Some rights reserved by adactio
Slide 8 Some rights reserved by justgrimes
Slide 9 Some rights reserved by angermann
Slide 10 Some rights reserved by opensourceway
Slide 11 Some rights reserved by AsGood
12