Purpose specific Information Sharing Agreement. Community Safety Accreditation Scheme Part 2

Size: px
Start display at page:

Download "Purpose specific Information Sharing Agreement. Community Safety Accreditation Scheme Part 2"

Transcription

1 Document Information Summary Partners ISA Ref: As Part 1 An agreement to formalise the information sharing arrangements for the purpose of specific Information sharing pursuant to Crime and Disorder reduction through partnership working. Hampshire Constabulary and The Community Safety Accreditation Scheme Partner as named in - Part 1 1. Date agreement comes into force: As Part 1 Date agreement to be reviewed: As Part 1 Agreement owner: Hampshire Constabulary Agreement drawn up by: Information Governance, Joint Information Management Unit, Hampshire Constabulary Version Record Version No Amendments Made Authorisation 1.4 Note on updating Part 2 of this ISA: Part 2 of this agreement will not be updated without seeking approval of the signatures to Part 1. The exceptions to this are: The addition of a new signatory to the Partner section A new review date, following a review resulting in no changes 1 See Part 1 for the agreement by the specific partners to abide by this ISA v1.4 1 of 15

2 Table of Contents 1. PURPOSE AND SCOPE OF THIS AGREEMENT 3 2. PROCESS OF SHARING 4 3. DATA PROTECTION AND CONFIDENTIALITY CONSIDERATIONS 7 4. ROLES AND RESPONSIBILITIES 14 APPENDIX A PRINCIPLES OF THE DATA PROTECTION ACT 15 APPENDIX B HUMAN RIGHTS ARTICLE 8 15 v1.4 2 of 15

3 1. Purpose and scope of this agreement Hampshire Constabulary is committed to working in partnerships to increase community safety; to look continually for opportunities to work more closely with organisations that can assist the police to detect, prevent and reduce crime and anti-social behaviour; and to develop and monitor strategies to reduce crime and anti-social behaviour. This agreement is to facilitate the lawful exchange of information in order to enable accredited persons as appropriate to exercise powers listed under schedule 5 of the Police Reform Act, 2002 and for the police to gather information in support of crime and disorder reduction initiatives. In pursuance of Section 41(1) of the Police Reform Act 2002, the Chief Officer can enter into an arrangement with an organisation, which enables employees to apply for accreditation under the Community Safety Accreditation Scheme (CSAS). The Chief Officer invites participation and partnership with organisations to work together to develop and implement a strategy and tactics for crime reduction. It also identifies where other mechanisms exist to facilitate an exchange of information for the same basic aims. This agreement is mainly concerned with the exchange of personal information. Therefore, where de-personalised information is requested the assumption is that this information will be shared. Wherever possible, information that does not identify individuals should be used and disclosed. It must be recognised that this document cannot provide clear guidance on every type of scenario and should be used only as an overall guide. As each case must be treated on its own merit, it may be necessary for organisations to seek specialist advice before requesting or disclosing any personal information. This ISA describes the formalisation of a pre-existing and lawful process and presents no additional privacy concerns to necessitate a privacy impact assessment. It has been determined in this case that the ISA addresses the privacy points. 1.1 Specific aims and benefits of sharing The aim of this agreement is to reduce and prevent incidents of criminal and disorderly behaviour through the sharing of information and intelligence; and in order for a co-ordinated response to resolve an incident at the earliest opportunity. The benefits of agreement between the organisations are: v1.4 3 of 15

4 Better informed decision making and collaborative working Improved inter-agency relationships Better profiling of crime and disorder activity to enable the more effective targeting of resources Safeguarding the vulnerable Reducing crime and disorder Increasing community safety Bringing offenders to justice Protecting life and property The parameters of the agreement will also allow the two agencies to work in partnership for the benefit of the wider public interest in reducing crime, preventing crime and anti-social behaviour which are encompassed by the Crime and Disorder Partnership. 2. Process of Sharing Personal data shared must be justified on the merits of each case and must be proportionate and no more than necessary for the purpose for which it is being shared. (See for the policing purpose in full). 2.1 Types of data that could be shared To prevent irrelevant or excessive information being disclosed, the type of information that may be shared under the terms of this agreement may consist of any information the organisations can justify as necessary and proportionate to target and reduce crime and disorder; such as: Information available on SafetyNet, Individuals involved in anti-social behaviour, Vulnerable people, Witnesses of crime, Stolen vehicles, ASB hot spots and Information supplied in the daily briefings (unless evaluated as not suitable for sharing with partners agencies). Once received, police officers will ensure that all information is processed diligently and expeditiously and that in all relevant cases, each organisation will ensure that all parties are appraised and briefed as appropriate regarding the relevant outcomes. The object is to encourage positive working relationships, maintaining the understanding that police review all submissions, regardless of whether any results or actions are made apparent to the partner and that they will not be in a position to confirm or deny v1.4 4 of 15

5 presence of information which is not relevant to the function of the CSAS accredited person. Where police become aware of specific criminal intelligence there is no expectation that this will be shared with the scheme. Should the police become aware of any specific information that would lead to concern over personal safety they will endeavour to inform all relevant parties accordingly. Information will not be shared where disclosure would prejudice ongoing criminal proceedings unless there is an overriding public safety requirement to do so. Hampshire Constabulary can share where necessary and proportionate to meet the policing purpose. No police tactics will be shared under this agreement. 2.2 Disclosure of Photographs Photographs / images of juveniles, aged under 18 years, will not be circulated unless approved and in accordance with provisions of the Anti-Social Behaviour Act. The publication of photographs under this age is prohibited by the Children and Young Persons Act Photographs / images will only be released subject to compliance with the conditions outlined with this agreement and where it is necessary in support of schedule 5 of the Police Reform Act The information is exchanged for this purpose in accordance with the Data Protection Act Photographs / images will only be disclosed against signature of the Designated Person(s) and dated. Only the image, name and date of birth will be disclosed, as the image will only be used to ensure correct identification. At the time of disclosure a review date will be set. The review date will be determined in consideration of the level of risk an individual poses. The Police Liaison Officer will, prior to this date and in order to comply with audit controls, collect all circulated images. In any event, a review of all circulations will be carried out. Furthermore, the photographs / images will be reviewed at a maximum of 12 months from the date they were last updated and be returned to the owner, if no longer required or relevant. Should an identification using a photograph / image be made, which results in legal process, then that photograph / image must be seized and retained as v1.4 5 of 15

6 evidence in accordance with the Police and Criminal Evidence Act, 1984 and Criminal Procedures and Investigation Act Making a request All requests for police data should be made by via the NPT Police Liaison Officer and 24/7 Intel. The request for information sharing must contain o Reason for the request o Relevance of the data sought to the request o Data Sought o Any necessary information to identify the data sought The identity of the originator must be recorded against relevant data. 2.4 Sharing data Ensure the request for data meets the joint purpose and has come from a legitimate source. Ensure the data to be shared is relevant to meet the joint purpose o Ensure the partner has enough data to act upon o Remove all excessive data o Check s chains to ensure excess data is not sent to a recipient in error Ensure the data is accurate Ensure transfer is secure o Use one of the following secure methods SafetyNet NPT/Event briefings Anti-Social Behaviour Panels Daily Management Meetings Police Control Room(including Resolution Centre) Community Tasking and Co-ordinating Groups Secure (e.g..pnn,.cjsm) Community Focus Team (based at CWUN) Airwave radio terminal (Provided that appropriate authorisation has been granted for access to the police channel) Keep a record 2 of: o The request for data o What information has been shared o With whom the information was shared o Purpose for sharing 2 Using the Z Information Sharing (Management Occurrence) on Hampshire Constabulary s RMS v1.4 6 of 15

7 o Rationale for: Disclosing data Withholding data Declining a request in full In the event of data loss or error: o Establish the facts of the loss or compromise o If possible, identify where the data is or who it has gone to o Identify the data which has been compromised o Inform your Information Security officer The process will provide evidence if the disclosure is challenged or formal complaint is made. Clear records of evidence provided by various partners will be required to justify any challenges of the proportionality of the action taken (See 3.10 regarding further disclosure). 3. Data Protection and Confidentiality Considerations 3.1 Data Protection Act 1998 Principle 1 Fair and Lawful Principle 1 Lawful A public authority can only act intra vires; that is, within its explicit or implied statutory or common law powers. Therefore, the Police and The Community Safety Accreditation Scheme Partner can only share information with each other if the disclosure is believed to be necessary and proportionate and that the common purpose meets the policing purposes of: protecting life and property preserving order preventing the commission of offences bringing offenders to justice fulfilling a duty or responsibility arising from common law or statute) Therefore, sharing necessary to support criminal proceedings will be permitted, while sharing for civil cases will only occur where the civil case relates directly to a policing purpose. The disclosure of any personal data must be bound to both common law and statute, for example Human Rights Act 1998, Data Protection Act 1998 and the common law duty of confidence. (Appendices A & B) Schedule 2 Conditions for processing personal data 3 See Appendix A for a full list of Data Protection Principles v1.4 7 of 15

8 Processing, therefore sharing, of any personal data must be necessary for one or more condition of Schedule 2 of the Data Protection Act The relevant conditions are as follows: Consent: Where the information subject gives their informed consent to share information about them, then sharing for the specified purpose will be lawful under the Data Protection Act Consent provides lawful power of disclosure, but does not exempt the organisations from lawful handling and security requirements. Administration of justice: Where the sharing is necessary for the functioning of the judiciary, for example the trial, finding and sentencing. Legal gateway under statute which allows sharing, implicitly or explicitly: o Crime and Disorder Act, 1998 (Section 115) any person has a legal power (not a legal duty) to share information with a relevant authority if it is necessary to support the local Community Safety Strategy or other conditions in the Act o Police Reform Act, 2002 (S41(1) and schedule 5) Powers exercisable by accredited persons are contained under schedule 5 of The Police Reform Act Where these powers support a clear policing purpose, disclosure from the police service is appropriate where it enables an accredited person to more ably support that purpose through the exercise of those powers, in support of reducing crime and disorder, public nuisance and antisocial behaviour within the communities where problems have been identified. Legitimate interests of any party: Where the disclosure is necessary and compatible with legitimate aims of the police or the accredited scheme to exercise powers to reduce crime and disorder or to protect the welfare of individuals living in the community; and where this is not unwarranted in any particular case by reason of prejudice to the rights and freedoms, or legitimate interests of a data subject. It is anticipated that disclosure will be warranted should the data subject be linked to or responsible for the causes of crime and anti-social behaviour in the immediate area, or where a victim needs the support from local officers Schedule 3 Conditions for processing sensitive personal data Sensitive personal data is information about a living individual which relates to the actual or alleged commission of an offence and any related proceedings; physical or mental health; sex life; race; ethnic origin; religious belief; political or trade union membership. Where the information of this nature will be shared under this agreement, the sharing must satisfy one or more of the v1.4 8 of 15

9 following conditions of schedule 3 of the Data Protection Act. This list is not exhaustive, but contains relevant conditions. Explicit and informed consent of the data subject has been obtained. The data subject must be fully aware of the scope of what they are consenting to. The sharing of the information is necessary for: o the administration of justice o the exercise of any functions conferred on any person (including a constable) by or under an enactment The sharing is necessary for the purpose of, or in connection with, legal proceedings these must be directly compatible with the common lawful purpose to prevent public authorities acting ultra vires. The sharing of the information is necessary for the exercise of any functions conferred on a constable by any rule of law this covers the use of common law powers to meet the policing purpose Exemptions The Data Protection Act 1998: o Section 29 of this Act allows the disclosure of personal information for the purpose of prevention / detection of crime and the apprehension / prosecution of offenders. It removes the obligation for the Data Controller or recipient to inform the data subject, where doing so would prejudice this purpose; but still requires a schedule 2 and 3 condition to be met. This exemption would be relevant where non-disclosure prejudices the prevention of crime. o Section 35 allows for the disclosure of personal data where it is required for establishing or defending legal rights. It removes the obligation for the Data Controller or recipient to inform the data subject of the disclosure but still requires a schedule 2 and 3 condition to be met Further considerations for lawful processing The Human Rights Act Under Article 8 everyone has the right to respect for their private and family life, home and correspondence and there shall be no interference by a public authority with this right except as in accordance with the law, necessary for public safety, the prevention of crime or disorder, the protection of health or morals or for the protection of the rights and freedoms of others. The principle of proportionality is a common theme that runs through both the European Convention on Human Rights and judgements of the European Court of Human Rights (ECHR). It is explicitly expressed in the limitations v1.4 9 of 15

10 contained in Articles 8-11 where it is stated that any interference or restriction of those rights must be lawful and necessary in a democratic society. Any restriction of rights must, therefore, be justified in that a fair balance must be achieved between the protection of an individual s rights and general interests of society. In the context of information exchange, any disclosure of information should be restricted to a minimum and be the least damaging that is required in achieving the objective. Duty of confidence: Information provided by a third party may be considered as having been provided in confidence. For example, a witness to a crime would not ordinarily expect the police to provide their details or statements to anyone not involved in investigating or prosecuting that offence, having an expectation of confidence and that this would not be shared further. This falls under the common law duty of confidence. The justification for sharing such data under this agreement, where such a duty of confidence exists will be satisfied by meeting the following conditions: The individual to whom the information relates has consented to the sharing of the information, or where there is legal requirement (either under statute or a court order) to disclose the information Where there is an overriding duty to the public (for instance, the information concerns the commission of a criminal offence or relates to life-threatening circumstances) Rehabilitation of Offenders Act 1974: Sharing of personal data relating to criminal record data must comply with this act which places prohibitions on the use of criminal record data. This is also relevant when considering Principle 3 adequacy. 3.2 Principle 1 - Fairness The Data Protection Act requires the fair processing of information unless an exemption applies. In particular, fairness involves being open with people about who is processing their data and how their data is being used. Put simply, a data subject should not be surprised by their information being shared between Hampshire Constabulary and The Community Safety Accreditation Scheme Partner. Therefore so that individuals are not deceived or misled partners to this agreement should issue whenever possible a fair processing notice, either in writing or verbally. In some cases, it is in our interest to be open as to how data is shared. For Example: v of 15

11 A fair processing statement will generally be provided to a victim of crime or anti-social behaviour by informing them what we intend to do as a result of that contact. Where disclosure is made to tackle a crime and disorder issue, it is expected that subject(s) will be contacted about such behaviour and by virtue of that contact be informed of the identity of the data controller and the purpose for processing their personal data. Police officers and accredited persons will generally provide a fair processing statement by informing an offender what they intend to do as a result of that contact; such as by issuing a fixed penalty notice. Section 29 of the Data Protection Act removes the obligation to inform the data subject, where the purpose for processing directly relates to the prevention or detection of crime or the apprehension or prosecution of offenders, where disclosure of that fact would be likely to prejudice the investigation. 3.3 Principle 2 Secondary Processing The Data Controllers will agree that the data shared shall not be used for a purpose other than that for which it is shared, unless the considerations in principle 1 can be met for that new second purpose. 3.4 Principle 3 Adequate, relevant, not excessive The Data Protection Act 1998 requires that the data shared is necessary and relevant to the purpose. Data shared should also be sufficient to achieve the purpose - too little and the benefit is lost, too much and the disclosure becomes disproportionate for the purpose. In essence only relevant information should be shared that effectively assists in the prevention and detection of crime, reduction of anti-social behaviour and protecting vulnerable persons. 3.5 Principle 4 Accurate and up to date It is acknowledged that each partner will only have data that is accurate to their best knowledge. Before sharing, information will be checked for accuracy. If a Data Controller provides information and subsequently finds it to be inaccurate, they will inform all recipients. If a Data Controller receives data which is discovered to be inaccurate, they will inform the provider of those data. In all cases, a Data Controllers providing inaccurate data must take all reasonable steps to notifying all other recipients of the data who must then ensure that the correction is made. v of 15

12 3.6 Principle 5 Kept no longer than is necessary Partners to this agreement undertake that personal data shared will only be used for the specific purpose under which they were requested. The recipient of the information is required to keep it stored securely and destroy it in a secure manner or return it when no longer necessary for that purpose. Each partner is subject to principle 5 and is therefore responsible for setting their own review periods, and recording a justification proportionate to their lawful purpose for processing. Where a longer period of retention is necessary, these may be justified by specific legal obligations placed on the recipient partner. All necessary, adequate and up-to-date records, including pocket note book entries, will need to be retained for a minimum period of six years, after which they should be reviewed for further retention. This is to allow for information to be available to account for the activities of the accredited scheme or Hampshire Constabulary. It is necessary to maintain a record of information sharing and the actions resulting from that sharing should civil action be instigated. [Limitation Act 1980] Retention of data for policing purposes will be governed by Authorised Professional Practice on Information Management. Retention periods may be reduced, or specific data deleted to minimise collateral intrusion. 3.7 Principle 6 Rights of the data subject If a party to this agreement receives a subject access application under section 7 of the Data Protection Act 1998 and personal data is identified as having originated from another signatory partner, it will be the responsibility of the receiving agency to contact that partner to determine whether the latter wishes to advise use of any statutory exemption under the provisions of the Data Protection Act 1998, or to consider further sharing on live matters. Disputes as to accuracy, damage or distress relating to the data processing will be passed promptly to the relevant Data Controller to resolve. 3.8 Principle 7 Technical and Organisational Security Partners agree to ensure the reliability their employees through appropriate training around principle 7. As a bare minimum this should involve making staff aware of the processes outlined within this sharing agreement. The information must be stored securely and is the responsibility of all partners to ensure that adequate security arrangements are in place in order to protect the integrity and confidentiality of information shared. Each party agrees to apply appropriate security measures, to meet the requirements of principle 7 of the Data Protection Act to the data. That is, to make accidental compromise, loss or damage unlikely during storage, v of 15

13 handling, use, processing, communication, transmission or transport; deter deliberate compromise or opportunist attack, and promote discretion in order to avoid unauthorised access. Any loss of data by a recipient partner must be notified to the originating partner at the earliest opportunity. Hampshire Constabulary may, by arrangement, undertake a physical review of the security in place to ensure the confidentiality, integrity, availability and non-repudiation of the Force information being stored under this agreement. The force may also wish to request a copy of the partner s information security policy (where it exists) when sensitive personal data is to be shared. Only nominated representatives can access, request information, and make disclosure decisions and they should adhere to the 'need to know' principle when obtaining or disclosing information. The Government has introduced a three-tier Security Classification Scheme (GCS) to replace the Government Protective Marking Scheme (GPMS). Police Forces will phase implementation, subject to confirmation of adoption in the future. In the interim period information may be classified using either the existing protective marking scheme or the new classification policy. Hampshire Constabulary will only transfer information electronically where a secure encrypted facility exists at both the sender and recipient and in these cases the information will not be above RESTRICTED as defined in the GPMS, or classified as OFFICIAL under the GCS. The following are recognised encrypted secure pathways:.pnn,.xgsi,.gsi,.gsx,.gse,.nhs.net,.cjsm, and.scn. The use of fax to transfer sensitive personal data may only be used in cases of operational emergency and with the appropriate security safeguards. Due consideration should be given to any marking of documents under the GPMS or GCS and those documents given adequate levels of protection. Consideration of this marking will also be required in any onward dissemination of those data contained within. 3.9 Principle 8 Transfer outside of the EEA Personal data supplied under the agreement will not be transferred outside the EEA Further disclosure The partners agree that the recipient of shared information will not disclose it to any third party without consultation of the partner that provided the information; exceptions to this may occur when it is disclosed under a statutory obligation or by Hampshire Constabulary for a policing purpose. v of 15

14 This consultation may highlight a need or benefit for further relevant information to be shared between partners. 4. Roles and responsibilities 4.1 Specialist advice within your organisation There is an obligation on all organisations that the information shared is, directly relevant to the purposes this agreement seeks to achieve. Should any organisation's staff members have concerns regarding information they wish to share, or information already shared, they should consult their Information Governance Officer. 4.2 Single point of contact Each partner will appoint a SPOC, to be named in part 1 of this agreement, who will be a manager of sufficient standing and who will have a co-ordinating and authorising role. A partner may also appoint a supervisor or manager to deputise for the SPOC The specific responsibilities of the SPOC are: Making sure the named party abides by this agreement Ensuring relevant staff are fully aware of their responsibilities Appointing other staff to act in their absence Controlling the release of the information and maintaining its integrity Deciding on a case by case basis if and why a public interest overrides a duty of confidence Keeping an information sharing file (or similar), which holds all the partner s information sharing documents in general Ensuring any changes to the SPOC are confirmed in writing 4.3 Freedom of Information Act considerations If a party receives a request for information under the Freedom of Information Act 2000 and the information requested is identified as belonging to another signatory partner, it will be the responsibility of the receiving agency to contact that partner to determine whether the latter wishes to rely on any statutory exemption under the provisions of the Freedom of Information Act 2000 and to identify any perceived harm. v of 15

15 Appendix A Principles of the Data Protection Act Principle 1 Principle 2 Principle 3 Principle 4 Principle 5 Principle 6 Principle 7 Principle 8 Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless: At least one of the conditions in Schedule 2 is met and; In the case of sensitive data at least one of the conditions in Schedule 3 is also met. Personal data shall be obtained only for one or more specified and lawful purposes and shall not be further processed in any manner incompatible with that purpose or those purposes. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed. Personal data shall be accurate and, where necessary, kept up to date. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes. Personal data shall be processed in accordance with the rights of data subjects under this Act. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedom of data subjects in relation to the processing of personal data. Appendix B Human Rights Article 8 Article 8 Right to Respect for Private and Family Life Everyone has the right to respect for his private and family life, his home and his correspondence. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law. v of 15

GENERAL PROTOCOL FOR SHARING INFORMATION BETWEEN AGENCIES IN KINGSTON UPON HULL AND THE EAST RIDING OF YORKSHIRE

GENERAL PROTOCOL FOR SHARING INFORMATION BETWEEN AGENCIES IN KINGSTON UPON HULL AND THE EAST RIDING OF YORKSHIRE GENERAL PROTOCOL FOR SHARING INFORMATION BETWEEN AGENCIES IN KINGSTON UPON HULL AND THE EAST RIDING OF YORKSHIRE 2008 CONTENTS 1. INTRODUCTION Purpose of this document 1-6 2. KEY LEGISLATION AND GUIDANCE

More information

INFORMATION SHARING AGREEMENT (ISA) BETWEEN

INFORMATION SHARING AGREEMENT (ISA) BETWEEN P.698 (07/12) INFORMATION SHARING AGREEMENT (ISA) BETWEEN Lincolnshire County Council The National Probation Service The Humberside, Lincolnshire and North Yorkshire Community Rehabilitation Company (HLNY

More information

Data Protection Policy and Procedure

Data Protection Policy and Procedure Data Protection Policy and Procedure Reference No. P09:2007 Implementation date 12022008 Version Number Version 2.0 Reference No: Name. Linked documents Policy Section Procedure Section Yes Yes Suitable

More information

Data Protection. Policy & Procedure. Greater Manchester Police

Data Protection. Policy & Procedure. Greater Manchester Police Data Protection Policy & Procedure Greater Manchester Police October 2014 Table of Contents 1. Policy Statement... 1 1.1 Aims... 1 2. Scope... 1 3. Roles & Responsibilities... 2 4. Terms and Definitions...

More information

INFORMATION SHARING AGREEMENT This document is NOT PROTECTIVELY MARKED

INFORMATION SHARING AGREEMENT This document is NOT PROTECTIVELY MARKED PURPOSE PARTNERS The purpose of this Information Sharing Agreement is to facilitate the lawful exchange of data in order to comply with the statutory duty on Chief Police Officers and relevant agencies

More information

Version No. Date Amendments made Authorised by N/A ACC Hamilton (PSNI)

Version No. Date Amendments made Authorised by N/A ACC Hamilton (PSNI) PURPOSE PARTNERS The purpose of this Information Sharing Agreement is to facilitate the lawful exchange of data in order to comply with the statutory duty on Chief Police Officers and relevant agencies

More information

DATA SHARING AND PROCESSING

DATA SHARING AND PROCESSING DATA SHARING AND PROCESSING Capita Business Services Limited March 2016 Version 1.3 TABLE OF CONTENTS: Item Heading Page 1 Data Processing Agreement 2 2 Data Protection Act 1998 2 3 Data Protection Act

More information

INVESTIGATION OF ELECTRONIC DATA PROTECTED BY ENCRYPTION ETC DRAFT CODE OF PRACTICE

INVESTIGATION OF ELECTRONIC DATA PROTECTED BY ENCRYPTION ETC DRAFT CODE OF PRACTICE INVESTIGATION OF ELECTRONIC DATA PROTECTED BY ENCRYPTION ETC CODE OF PRACTICE Preliminary draft code: This document is circulated by the Home Office in advance of enactment of the RIP Bill as an indication

More information

PROCEDURE (Essex) / Linked SOP (Kent) Data Protection. Number: W 1011 Date Published: 24 November 2016

PROCEDURE (Essex) / Linked SOP (Kent) Data Protection. Number: W 1011 Date Published: 24 November 2016 1.0 Summary of Changes 1.1 This procedure/sop has had an additional paragraph added at 3.8.6 relating to data processing of information by direct access to Athena. 2.0 What this Procedure/SOP is About

More information

INFORMATION SHARING AGREEMENT WEST YORKSHIRE POLICE. and LEEDS AND YORK PARTNERSHIP NHS FOUNDATION TRUST

INFORMATION SHARING AGREEMENT WEST YORKSHIRE POLICE. and LEEDS AND YORK PARTNERSHIP NHS FOUNDATION TRUST INFORMATION SHARING AGREEMENT WEST YORKSHIRE POLICE and LEEDS AND YORK PARTNERSHIP NHS FOUNDATION TRUST Version 4.0 1 of 14 CONTENTS SUMMARY SHEET 1. INTRODUCTION 2. PURPOSE 3. PARTNER(S) 4. POWER(S) 5.

More information

SCHEDULE Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.

SCHEDULE Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed. SCHEDULE 1 THE DATA PROTECTION PRINCIPLES PART I THE PRINCIPLES 1. Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless- (a) at least one of the conditions

More information

MEMORANDUM OF UNDERSTANDING

MEMORANDUM OF UNDERSTANDING MEMORANDUM OF UNDERSTANDING between Risk and Intelligence Service Gateway Exchange Team and NHS Protect (England) and NHS Counter Fraud Services (Wales) The Parties (1) Gateway Exchange Team, CEI Cardiff,

More information

Law Enforcement processing (Part 3 of the DPA 2018)

Law Enforcement processing (Part 3 of the DPA 2018) Law Enforcement processing (Part 3 of the DPA 2018) Introduction This part of the Act transposes the EU Data Protection Directive 2016/680 (Law Enforcement Directive) into domestic UK law. The Directive

More information

PROTECTION OF PERSONAL INFORMATION ACT NO. 4 OF 2013

PROTECTION OF PERSONAL INFORMATION ACT NO. 4 OF 2013 PROTECTION OF PERSONAL INFORMATION ACT NO. 4 OF 2013 [ASSENTED TO 19 NOVEMBER, 2013] [DATE OF COMMENCEMENT TO BE PROCLAIMED] (Unless otherwise indicated) (The English text signed by the President) This

More information

Data Protection REFERENCE NUMBER. IMPLEMENTATION DATE June 2014 NEXT REVIEW DATE: September 2020 RISK RATING

Data Protection REFERENCE NUMBER. IMPLEMENTATION DATE June 2014 NEXT REVIEW DATE: September 2020 RISK RATING POLICY Security Classification Disclosable under Freedom of Information Act 2000 Yes POLICY TITLE Data Protection REFERENCE NUMBER A031 Version 1.1 POLICY OWNERSHIP DIRECTORATE BUSINESS AREA CHIEF OFFICERS

More information

PROJET DE LOI ENTITLED. The Data Protection (Bailiwick of Guernsey) Law, 2017 ARRANGEMENT OF SECTIONS PART I PRELIMINARY

PROJET DE LOI ENTITLED. The Data Protection (Bailiwick of Guernsey) Law, 2017 ARRANGEMENT OF SECTIONS PART I PRELIMINARY PROJET DE LOI ENTITLED The Data Protection (Bailiwick of Guernsey) Law, 2017 ARRANGEMENT OF SECTIONS PART I PRELIMINARY 1. Object of this Law. 2. Application. 3. Extent. 4. Exception for personal, family

More information

ARTICLE 29 Data Protection Working Party

ARTICLE 29 Data Protection Working Party ARTICLE 29 Data Protection Working Party 11580/03/EN WP 82 Opinion 6/2003 on the level of protection of personal data in the Isle of Man Adopted on 21 November 2003 This Working Party was set up under

More information

General Rules on the Processing of Personal Data SCHEDULE 1 DATA TRANSFER AGREEMENT (Data Controller to Data Controller transfers)...

General Rules on the Processing of Personal Data SCHEDULE 1 DATA TRANSFER AGREEMENT (Data Controller to Data Controller transfers)... DATA PROTECTION REGULATIONS 2015 DATA PROTECTION REGULATIONS 2015 General Rules on the Processing of Personal Data... 1 Rights of Data Subjects... 6 Notifications to the Registrar... 7 The Registrar...

More information

Data Protection Act 1998

Data Protection Act 1998 Data Protection Act 1998 1998 CHAPTER 29 ARRANGEMENT OF SECTIONS Part I Preliminary 1. Basic interpretative provisions. 2. Sensitive personal data. 3. The special purposes. 4. The data protection principles.

More information

DATA PROTECTION POLICY STATUTORY

DATA PROTECTION POLICY STATUTORY DATA PROTECTION POLICY MAIDEN ERLEGH TRUST STATUTORY INITIAL APPROVAL July 2017 REVIEW FREQUENCY At least every two years REVIEWED CONTENTS PART ONE: POLICY STATEMENT & OBJECTIVES PART TWO: STATUS OF THE

More information

DURHAM CONSTABULARY POLICY

DURHAM CONSTABULARY POLICY DURHAM CONSTABULARY POLICY Durham Constabulary Freedom of Information Act Publication Scheme Name of Policy Body Worn Video Devices Registry Reference No. DCP 166 Policy Owner Head of Neighbourhood & Partnership

More information

A closed circuit television system is used at the Memorial Hall by the Parish Council.

A closed circuit television system is used at the Memorial Hall by the Parish Council. BREADSALL PARISH COUNCIL CCTV CODE OF PRACTICE A closed circuit television system is used at the Memorial Hall by the Parish Council. The safety of residents using the car park and visitors to the buildings

More information

CCTV Code of Practice

CCTV Code of Practice CCTV Code of Practice Belfast Trust CCTV Code of Practice Introduction Closed Circuit Television (CCTV) systems are in place across the Belfast trust. These systems comprise of cameras installed at strategic

More information

SUBSIDIARY LEGISLATION DATA PROTECTION (PROCESSING OF PERSONAL DATA IN THE POLICE SECTOR) REGULATIONS

SUBSIDIARY LEGISLATION DATA PROTECTION (PROCESSING OF PERSONAL DATA IN THE POLICE SECTOR) REGULATIONS DATA PROTECTION (PROCESSING OF PERSONAL DATA IN THE POLICE SECTOR) [S.L.440.05 1 SUBSIDIARY LEGISLATION 440.05 DATA PROTECTION (PROCESSING OF PERSONAL DATA IN THE POLICE SECTOR) REGULATIONS 30th September,

More information

APPENDIX. 1. The Equipment Interference Regime which is relevant to the activities of GCHQ principally derives from the following statutes:

APPENDIX. 1. The Equipment Interference Regime which is relevant to the activities of GCHQ principally derives from the following statutes: APPENDIX THE EQUIPMENT INTERFERENCE REGIME 1. The Equipment Interference Regime which is relevant to the activities of GCHQ principally derives from the following statutes: (a) (b) (c) (d) the Intelligence

More information

The installation of CCTV can provide information on activities at the Water,

The installation of CCTV can provide information on activities at the Water, ST CHAD S WATER LNR CCTV CODE OF PRACTICE St Chad s Fishing Club A closed circuit television system is used at St Chad s Water LNR, Church Wilne (known in the Code as the Water) by the St Chad s Fishing

More information

Merseyside Police and Probation Area. Working together to. Protect the Public of Merseyside MULTI AGENCY PUBLIC PROTECTION ARRANGEMENTS

Merseyside Police and Probation Area. Working together to. Protect the Public of Merseyside MULTI AGENCY PUBLIC PROTECTION ARRANGEMENTS Merseyside Police and Probation Area Working together to Protect the Public of Merseyside MULTI AGENCY PUBLIC PROTECTION ARRANGEMENTS A PROTOCOL FOR MERSEYSIDE POLICE AND THE PROBATION SERVICE IN MERSEYSIDE.

More information

SCHEDULE 1 DATA TRANSFER AGREEMENT (Data Controller to Data Controller transfers)... 16

SCHEDULE 1 DATA TRANSFER AGREEMENT (Data Controller to Data Controller transfers)... 16 DATA PROTECTION REGULATIONS 2015 DATA PROTECTION REGULATIONS 2015 Part 1 General Rules on the Processing of Personal Data... 1 Part 2 Rights of Data Subjects... 7 Part 3 Notifications to the Registrar...

More information

European College of Business and Management Data Protection Policy

European College of Business and Management Data Protection Policy European College of Business and Management Data Protection Policy 1. INTRODUCTION 1.1 The European College of Business and Management (ECBM) is committed to full compliance with the Data Protection Act

More information

Data Protection Act 1998 Policy

Data Protection Act 1998 Policy Data Protection Act 1998 Policy Responsibility for Policy: Relevant to: University Secretary All Staff, Students and Academic Partnerships Approved by: SMT in September 2016 Responsibility for Document

More information

Federal Act on Data Protection (FADP) Section 1: Aim, Scope and Definitions

Federal Act on Data Protection (FADP) Section 1: Aim, Scope and Definitions English is not an official language of the Swiss Confederation. This translation is provided for information purposes only and has no legal force. Federal Act on Data Protection (FADP) 235.1 of 19 June

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Co-ordinator Will Taylor Date of Completion June 2017 Date of adoption by Governors June 2017 Date to be reviewed June 2019 Introduction The new Data Protection Act 1998 (EU Directive

More information

OTrack Data Processing Terms

OTrack Data Processing Terms BACKGROUND These Personal Data Processing Terms (the Agreement ) are entered into between Optimum Records Limited ( Optimum ) and the school using the services provided by Optimum (the School ) whose details

More information

Practical Guidance on the sharing of information and information governance for all NHS organisations specifically for Prevent and the Channel process

Practical Guidance on the sharing of information and information governance for all NHS organisations specifically for Prevent and the Channel process Page 1 of 15 Practical Guidance on the sharing of information and information governance for all NHS organisations specifically for Prevent and the Channel process Page 2 of 15 NHS England Information

More information

APPLICATION FOR COMMUNICATIONS DATA (UNDER THE DATA PROTECTION ACT 1998) RESTRICTED

APPLICATION FOR COMMUNICATIONS DATA (UNDER THE DATA PROTECTION ACT 1998) RESTRICTED Page 1 of 6 Notes to Applicant: The request is subject to the provisions of the Data Protection Act 1998. Unlawful disclosure to any person not entitled to receive it may result in prosecution. The Single

More information

Code of Practice Issued Under Section 377A of the Proceeds of Crime Act 2002

Code of Practice Issued Under Section 377A of the Proceeds of Crime Act 2002 Code of Practice Issued Under Section 377A of the Proceeds of Crime Act 2002 Presented to Parliament under section 377A(4) of the Proceeds of Crime Act 2002 Code of Practice Issued Under Section 377A

More information

Derbyshire Constabulary TRUANCY GUIDANCE POLICY REFERENCE 08/232. This guidance is suitable for Public Disclosure

Derbyshire Constabulary TRUANCY GUIDANCE POLICY REFERENCE 08/232. This guidance is suitable for Public Disclosure Derbyshire Constabulary TRUANCY GUIDANCE POLICY REFERENCE 08/232 This guidance is suitable for Public Disclosure Owner of Doc: Head of Department, Corporate Services Date Approved: March 2008 Review Date:

More information

How we use Personal Information

How we use Personal Information How we use Personal Information Introduction This document explains how Essex Police obtains, holds, uses and discloses information about people - their personal information 1 -, the steps we take to ensure

More information

PROTOCOL BETWEEN WEST MIDLANDS POLICE CPS WEST MIDLANDS AND WEST MIDLANDS LOCAL AUTHORITIES

PROTOCOL BETWEEN WEST MIDLANDS POLICE CPS WEST MIDLANDS AND WEST MIDLANDS LOCAL AUTHORITIES PROTOCOL BETWEEN WEST MIDLANDS POLICE CPS WEST MIDLANDS AND WEST MIDLANDS LOCAL AUTHORITIES IN THE EXCHANGE OF INFORMATION IN THE INVESTIGATION AND PROSECUTION OF CHILD ABUSE CASES IN THE WEST MIDLANDS

More information

Access to Personal Information Procedure

Access to Personal Information Procedure Purpose of The sixth principle of the Data Protection Act 1998 gives rights to individuals in respect of the personal data that organisations hold about them. The Act says that: Personal data shall be

More information

Protection of Freedoms Act 2012

Protection of Freedoms Act 2012 Protection of Freedoms Act 2012 Draft statutory guidance on the making or renewing of national security determinations allowing the retention of biometric data March 2013 Issued Pursuant to Section 22

More information

Covert Human Intelligence Sources Code of Practice

Covert Human Intelligence Sources Code of Practice Covert Human Intelligence Sources Code of Practice Presented to Parliament pursuant to section 71(4) of the Regulation of Investigatory Powers Act 2000. 2 Covert Human Intelligence Sources Code of Practice

More information

DATA PROTECTION (JERSEY) LAW 2005 CODE OF PRACTICE & GUIDANCE ON THE USE OF CCTV GD6

DATA PROTECTION (JERSEY) LAW 2005 CODE OF PRACTICE & GUIDANCE ON THE USE OF CCTV GD6 DATA PROTECTION (JERSEY) LAW 2005 CODE OF PRACTICE & GUIDANCE ON THE USE OF CCTV GD6 2 DATA PROTECTION (JERSEY) LAW 2005: CODE OF PRACTICE & GUIDANCE ON THE USE OF CCTV PART 1: CODE OF PRACTICE Introduction

More information

Staff Data Protection Policy

Staff Data Protection Policy Staff Data Protection Policy Version: 9.0 Approval Status: Approved Document Owner: Graham Feek Classification: External Review Date: 02/11/2016 Effective from: 1 July 2015 Table of Contents 1. The Data

More information

closer look at Rights & remedies

closer look at Rights & remedies A closer look at Rights & remedies November 2017 V1 www.inforights.im Important This document is part of a series, produced purely for guidance, and does not constitute legal advice or legal analysis.

More information

16 March Purpose & Introduction

16 March Purpose & Introduction Factsheet on the key issues relating to the relationship between the proposed eprivacy Regulation (epr) and the General Data Protection Regulation (GDPR) 1. Purpose & Introduction As the eprivacy Regulation

More information

Interstate Commission for Adult Offender Supervision

Interstate Commission for Adult Offender Supervision Interstate Commission for Adult Offender Supervision Privacy Policy Interstate Compact Offender Tracking System Version 3.0 Approved 04/23/2009 Revised on 4/18/2017 1.0 Statement of Purpose The goal of

More information

CCTV POLICY. Document Type Corporate Policy. Unique Identifier HS-103

CCTV POLICY. Document Type Corporate Policy. Unique Identifier HS-103 CCTV POLICY Document Type Corporate Policy Unique Identifier HS-103 Document Purpose This policy covers the internal and external use of close circuit television in and around buildings owned by, or leased

More information

How we use Personal Information

How we use Personal Information How we use Personal Information Introduction This document explains how British Transport Police obtains, holds, uses and discloses information about people - their personal information 1 -, the steps

More information

- and - OPINION. Reasons

- and - OPINION. Reasons IN THE MATTER OF THE DATA PROTECTION ACT 1998 AND IN THE MATTER OF A PROPOSED CONTRACT B E T W E E N: Cambridge Analytica Inc - and - Claimant United Kingdom Independence Party Defendant OPINION 1. We

More information

Consolidated text PROJET DE LOI ENTITLED. The Data Protection (Bailiwick of Guernsey) Law, 2001 [CONSOLIDATED TEXT] NOTE

Consolidated text PROJET DE LOI ENTITLED. The Data Protection (Bailiwick of Guernsey) Law, 2001 [CONSOLIDATED TEXT] NOTE PROJET DE LOI ENTITLED The Data Protection (Bailiwick of Guernsey) Law, 2001 [CONSOLIDATED TEXT] NOTE This consolidated version of the enactment incorporates all amendments listed in the footnote below.

More information

DATA PROTECTION (JERSEY) LAW 2018

DATA PROTECTION (JERSEY) LAW 2018 Data Protection (Jersey) Law 2018 Arrangement DATA PROTECTION (JERSEY) LAW 2018 Arrangement Article PART 1 7 INTRODUCTORY 7 1 Interpretation... 7 2 Personal data and data subject... 12 3 Pseudonymization...

More information

Data Protection Commissioner s Foreword 3. Chapter 1: Introduction - Scope of the Guidance 5. Chapter 2: First Data Protection Principle 7

Data Protection Commissioner s Foreword 3. Chapter 1: Introduction - Scope of the Guidance 5. Chapter 2: First Data Protection Principle 7 DATA PROTECTION (JERSEY) LAW 2005 HEALTH DATA USE & DISCLOSURE GD7 2 DATA PROTECTION (JERSEY) LAW 2005 Health Data Use & Disclosure Contents Data Protection Commissioner s Foreword 3 Chapter 1: Introduction

More information

Data Protection Bill [HL]

Data Protection Bill [HL] [AS AMENDED IN PUBLIC BILL COMMITTEE] CONTENTS PART 1 PRELIMINARY 1 Overview 2 Protection of personal data 3 Terms relating to the processing of personal data PART 2 GENERAL PROCESSING CHAPTER 1 SCOPE

More information

Derbyshire Constabulary SIMPLE CAUTIONING OF ADULT OFFENDERS POLICY POLICY REFERENCE 06/122. This policy is suitable for Public Disclosure

Derbyshire Constabulary SIMPLE CAUTIONING OF ADULT OFFENDERS POLICY POLICY REFERENCE 06/122. This policy is suitable for Public Disclosure Derbyshire Constabulary SIMPLE CAUTIONING OF ADULT OFFENDERS POLICY POLICY REFERENCE 06/122 This policy is suitable for Public Disclosure Owner of Doc: Head of Department, Criminal Justice Date Approved:

More information

The London Borough of Barnet. The Metropolitan Police Barnet Borough Division

The London Borough of Barnet. The Metropolitan Police Barnet Borough Division The London Borough of Barnet in partnership with The Metropolitan Police Barnet Borough Division Code of Practice for the operation of Closed Circuit Television October 2014 Change Control Item Reason

More information

The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe,

The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe, Recommendation CM/Rec(2010)1 of the Committee of Ministers to member states on the Council of Europe Probation Rules (Adopted by the Committee of Ministers on 20 January 2010 at the 1075th meeting of the

More information

Page1. Employment of Ex- Offenders. Issue Date 01/01/2017 Issue 1 Document No: 105 Uncontrolled when copied

Page1. Employment of Ex- Offenders. Issue Date 01/01/2017 Issue 1 Document No: 105 Uncontrolled when copied Page1 Employment of Ex- Offenders Page2 1. Policy Statement 1.1 Under this policy, the first priority of the company is to maintain the safety and welfare of children and vulnerable adults in our care,

More information

Mannofield Parish Church. Registered Scottish Charity No: SC (the Congregation ) Data Protection Policy

Mannofield Parish Church. Registered Scottish Charity No: SC (the Congregation ) Data Protection Policy Mannofield Parish Church Registered Scottish Charity No: SC 001680 (the Congregation ) Data Protection Policy December 2018 CONTENTS 1. Overview 2. Data Protection Principles 3. Personal Data 4. Special

More information

Charities & Not-for-Profits Overview of Data Protection Law

Charities & Not-for-Profits Overview of Data Protection Law Charities & Not-for-Profits Overview of Data Protection Law The Data Protection Law provides a framework for the processing of data relating to individuals that serves to balance the needs of organisations

More information

THE DATA PROTECTION PRINCIPLES

THE DATA PROTECTION PRINCIPLES DATA PROTECTION (JERSEY) LAW 2005 THE DATA PROTECTION PRINCIPLES GD1 DATA PROTECTION (JERSEY) LAW 2005 THE DATA PROTECTION PRINCIPLES Introduction 1 The Data Protection Principles 2 First Principle 3

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Perth: Craigie and Moncreiffe CHARITY NO. SC001330 CONTENTS 1. Overview 2. Data Protection Principles 3. Personal Data 4. Special Category Data 5. Processing 6. How personal data

More information

Schools Subject Access Request Procedures

Schools Subject Access Request Procedures Schools Subject Access Request Procedures Policy reviewed by Academy Transformation Trust on June 2018 This policy links to: Located: Data Protection Policy Freedom of Information Policy Review Date May

More information

What Is Criminal Intelligence?

What Is Criminal Intelligence? Information We are often concerned whether information we come by can be used by enforcement agencies as crime intelligence in order to target offenders suspected of committing offences. It makes no difference

More information

Memorandum of Understanding. between. HM Land Registry. and. Solicitors Regulation Authority (SRA)

Memorandum of Understanding. between. HM Land Registry. and. Solicitors Regulation Authority (SRA) Memorandum of Understanding between HM Land Registry and Solicitors Regulation Authority (SRA) 1 Introduction 1. HM Land Registry (LR) and the Solicitors Regulation Authority (SRA) ("the parties") are

More information

Data Protection Policy

Data Protection Policy Data Protection Policy The school collects and uses certain types of personal information about staff, pupils, parents and other individuals who come into contact with the school in order provide education

More information

Official Gazette No. 55 issued on 8 May Data Protection Act. of 14 March 2002

Official Gazette No. 55 issued on 8 May Data Protection Act. of 14 March 2002 Official Gazette 2002 No. 55 issued on 8 May 2002 Data Protection Act of 14 March 2002 I hereby grant my consent to the following resolution adopted by the Diet: I. General provisions Article 1 Objective

More information

Act No. 502 of 23 May 2018

Act No. 502 of 23 May 2018 Act No. 502 of 23 May 2018 This version has been translated for the Danish Ministry of Justice. The official version was published in Lovtidende (the Law Gazette) on 24 May 2018. Only the Danish version

More information

Port Glasgow St Andrew s Data Protection Policy

Port Glasgow St Andrew s Data Protection Policy Port Glasgow St Andrew s Data Protection Policy CONTENTS 1. Overview 2. Data Protection Principles 3. Personal Data 4. Special Category Data 5. Processing 6. How personal data should be processed 7. Privacy

More information

AIA Australia Limited

AIA Australia Limited AIA Australia Limited Privacy policies & procedures May 2010 The Power of We AIA.COM.AU AIA Australia Limited Privacy policies & procedures Contents Purpose 3 Policy 3 National Privacy Principles Policy

More information

THE PROCESSING OF PERSONAL DATA (PROTECTION OF INDIVIDUALS) LAW 138 (I) 2001 PART I GENERAL PROVISIONS

THE PROCESSING OF PERSONAL DATA (PROTECTION OF INDIVIDUALS) LAW 138 (I) 2001 PART I GENERAL PROVISIONS THE PROCESSING OF PERSONAL DATA (PROTECTION OF INDIVIDUALS) LAW 138 (I) 2001 PART I GENERAL PROVISIONS Short title. 1. This Law may be cited as the Processing of Personal Data (Protection of Individuals)

More information

COMP Article 1. Article 1 Subject matter and objectives

COMP Article 1. Article 1 Subject matter and objectives Proposal for a directive of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of prevention,

More information

Data protection and journalism: a guide for the media

Data protection and journalism: a guide for the media Data protection Data protection and journalism Data protection and journalism: a guide for the media Contents * About this guide 3 2 Technical guidance 18 1 Practical guidance 6 Data protection basics

More information

DISCLOSURE & BARRING SERVICE (DBS) PROCEDURE

DISCLOSURE & BARRING SERVICE (DBS) PROCEDURE DISCLOSURE & BARRING SERVICE (DBS) PROCEDURE Authorised Professional Practice (APP) APP is developed and owned by the College of Policing (the professional body for policing) and can be accessed online.

More information

Standard Operating Procedure

Standard Operating Procedure Disclosure Scheme for Domestic Abuse Scotland (DSDAS) Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication

More information

This unofficial translation is provided for information purposes only and has no legal force. Data Protection Act.

This unofficial translation is provided for information purposes only and has no legal force. Data Protection Act. 235.1 Liechtenstein Law Gazette 2002 No. 55 issued on 8 May 2002 Data Protection Act of 14 March 2002 I hereby grant My consent to the following resolution adopted by the Diet: I. General provisions Article

More information

Identifying arrested, charged or convicted persons

Identifying arrested, charged or convicted persons Policy Identifying arrested, charged or convicted persons Policy summary It is vital that the relationship between the police service and the media is at all times professional, transparent and capable

More information

Code of Practice - Covert Human Intelligence Sources. Covert Human Intelligence Sources. Code of Practice

Code of Practice - Covert Human Intelligence Sources. Covert Human Intelligence Sources. Code of Practice Covert Human Intelligence Sources Code of Practice Regulation of Investigatory Powers (Bailiwick of Guernsey) Law, 2003 Code ofpractice - Covert Human Intelligence Sources COVERT NUItlAN INTELLIGENCE SOURCES

More information

Introduction. The highly anticipated text of the Irish Data Protection Bill 2018 has been published.

Introduction. The highly anticipated text of the Irish Data Protection Bill 2018 has been published. Key points of the recently published Data Protection Bill February 2018 00 Introduction The highly anticipated text of the Irish Data Protection Bill 2018 has been published. The Bill supplements and gives

More information

T he European Union s Article 29 Data Protection

T he European Union s Article 29 Data Protection A BNA, INC. PRIVACY & SECURITY LAW! REPORT Reproduced with permission from Privacy & Security Law Report, 8 PVLR 10, 03/09/2009. Copyright 2009 by The Bureau of National Affairs, Inc. (800-372-1033) http://www.bna.com

More information

Personal Data Protection Act

Personal Data Protection Act Personal Data Protection Act Promulgated State Gazette No. 1/4.01.2002, effective 1.01.2002, supplemented, SG No. 70/10.08.2004, effective 1.01.2005, SG No. 93/19.10.2004, No. 43/20.05.2005, effective

More information

Privacy. Purpose. Scope. Policy. Appendix A

Privacy. Purpose. Scope. Policy. Appendix A Privacy NZQA Quality Management System Policy Appendix A Purpose To ensure NZQA and personnel meet the legal obligations under the Privacy Act 1993 and in relation to its functions under section 246A of

More information

Data Protection Policy. Malta Gaming Authority

Data Protection Policy. Malta Gaming Authority Data Protection Policy Malta Gaming Authority Contents 1 Purpose and Scope... 3 2 Data Protection Officer... 3 3 Principles for Processing Personal Data... 3 3.1 Lawfulness, Fairness and Transparency...

More information

EDPS Opinion on the proposal for a recast of Brussels IIa Regulation

EDPS Opinion on the proposal for a recast of Brussels IIa Regulation Opinion 01/2018 EDPS Opinion on the proposal for a recast of Brussels IIa Regulation (Council Regulation on jurisdiction, the recognition and enforcement of decisions in matrimonial matters and the matters

More information

Data protection and journalism: a guide for the media

Data protection and journalism: a guide for the media Data protection Data protection and journalism: a guide for the media DRAFT FOR CONSULTATION * Contents Foreword 3 About this guide 4 Purpose of the guide 4 Who the guide is for 5 Status of the guide 5

More information

Code of Ethics. policing with PRIDE. Professionalism Respect Integrity Dedication Empathy

Code of Ethics. policing with PRIDE. Professionalism Respect Integrity Dedication Empathy Code of Ethics policing with PRIDE Professionalism Respect Integrity Dedication Empathy Principles and Standards of Professional Behaviour for the Policing Profession of England and Wales Contents Foreword

More information

A Legal Overview of the Data Protection Act By: Mrs D. Madhub Data Protection Commissioner

A Legal Overview of the Data Protection Act By: Mrs D. Madhub Data Protection Commissioner A Legal Overview of the Data Protection Act 2017 By: Mrs D. Madhub Data Protection Commissioner 06.02.2018 Overview The Data Protection Act 2017 Aim of the Act Major changes brought in the new Act Key

More information

DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. of 24 October 1995

DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. of 24 October 1995 DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data

More information

ACT GUIDELINES FOR COUNCIL. Approved 5 June 2008 (last updated 1 December 2014)

ACT GUIDELINES FOR COUNCIL. Approved 5 June 2008 (last updated 1 December 2014) ACT GUIDELINES FOR COUNCIL Approved 5 June 2008 (last updated 1 December 2014) Council is the governing body of The Association of Corporate Treasurers ( ACT ). It is ultimately responsible for the stewardship

More information

TORONTO POLICE SERVICES BOARD REGULATED INTERACTION WITH THE COMMUNITY AND THE COLLECTION OF IDENTIFYING INFORMATION

TORONTO POLICE SERVICES BOARD REGULATED INTERACTION WITH THE COMMUNITY AND THE COLLECTION OF IDENTIFYING INFORMATION TORONTO POLICE SERVICES BOARD REGULATED INTERACTION WITH THE COMMUNITY AND THE COLLECTION OF IDENTIFYING INFORMATION APPROVED April 24, 2014 Minute No: P102/14 REVIEWED (R) AND/OR AMENDED (A) REPORTING

More information

Data Protection Bill [HL]

Data Protection Bill [HL] [AS AMENDED IN COMMITTEE] CONTENTS PART 1 PRELIMINARY 1 Overview 2 Terms relating to the processing of personal data PART 2 GENERAL PROCESSING CHAPTER 1 SCOPE AND DEFINITIONS 3 Processing to which this

More information

Quick Reference Guides to Out of Court Disposals

Quick Reference Guides to Out of Court Disposals Quick Reference Guides to Out of Court Disposals Effective from: 8 th April 2013 Contents QUICK REFERENCE GUIDES TO INDIVIDUAL DISPOSALS 4 Out-of-Court Disposals overview 4 What? 4 Why? 4 When? 5 National

More information

CRIMINAL RECORDS CHECK (DBS) POLICY. Author/Reviewer: Date Approved: Jan 2006

CRIMINAL RECORDS CHECK (DBS) POLICY. Author/Reviewer: Date Approved: Jan 2006 CRIMINAL RECORDS CHECK (DBS) POLICY Author/Reviewer: DHR Date Approved: Jan 2006 Where Approved: Corporation Date of Issue: Nov 2008 Impact Assessment: Jan 2008 Date Reviewed: August 2010 Date Reviewed

More information

DATA PROTECTION (JERSEY) LAW 2005

DATA PROTECTION (JERSEY) LAW 2005 DATA PROTECTION (JERSEY) LAW 2005 Revised Edition Showing the law as at 1 January 2017 This is a revised edition of the law Data Protection (Jersey) Law 2005 Arrangement DATA PROTECTION (JERSEY) LAW 2005

More information

Consolidated text PROJET DE LOI ENTITLED. The Data Protection (Bailiwick of Guernsey) Law, 2001 * [CONSOLIDATED TEXT] NOTE

Consolidated text PROJET DE LOI ENTITLED. The Data Protection (Bailiwick of Guernsey) Law, 2001 * [CONSOLIDATED TEXT] NOTE PROJET DE LOI ENTITLED The Data Protection (Bailiwick of Guernsey) Law, 2001 * [CONSOLIDATED TEXT] NOTE This consolidated version of the enactment incorporates all amendments listed in the footnote below.

More information

Fixed Penalty Notice Enforcement Policy

Fixed Penalty Notice Enforcement Policy Page 1 of 9 Name of Policy: Fixed Penalty Notice Enforcement Policy Date of Inception: 12.06.15 This is a Policy or Procedure document of Newquay Town Council and as such must be fully adhered to by both

More information

LAW OF THE REPUBLIC OF ARMENIA ON PROTECTION OF PERSONAL DATA CHAPTER 1 GENERAL PROVISIONS

LAW OF THE REPUBLIC OF ARMENIA ON PROTECTION OF PERSONAL DATA CHAPTER 1 GENERAL PROVISIONS LAW OF THE REPUBLIC OF ARMENIA ON PROTECTION OF PERSONAL DATA CHAPTER 1 GENERAL PROVISIONS Article 1. Subject matter of the Law 1. This Law shall regulate the procedure and conditions for processing personal

More information

Interest Balancing Test Assessment regarding data processing for the purpose of the exercise of legal claims

Interest Balancing Test Assessment regarding data processing for the purpose of the exercise of legal claims 1 Legitimate interest of the controller or a third party: Controller s interest: Exercise of legal claims in connection with the individual passenger car rental agreement concluded based on the MOL LIMO

More information

5418/16 AV/NT/vm DGD 2

5418/16 AV/NT/vm DGD 2 Council of the European Union Brussels, 6 April 2016 (OR. en) Interinstitutional File: 2012/0010 (COD) 5418/16 LEGISLATIVE ACTS AND OTHER INSTRUMTS Subject: DATAPROTECT 1 JAI 37 DAPIX 8 FREMP 3 COMIX 36

More information

Mandatory data breach reporting comes to Australia new notification requirements under the Privacy Act (2018) 15(4) PRIVLB 54

Mandatory data breach reporting comes to Australia new notification requirements under the Privacy Act (2018) 15(4) PRIVLB 54 Mandatory data breach reporting comes to Australia new notification requirements under the Privacy Act Privacy Law Bulletin (newsletter) Daniel Kovacs and Alex Garfinkel KCL LAW Editor s Note: This article

More information