Data Projections

Resource summary

Data Protection
  1. Who
    1. Data Controller
      1. Obligations
        1. OF
          1. 1. Obtain and process information fairly - collecting, using, disclosing, retaining and disposing of personal data; fairness meaning transparent
            1. Example - student visa 85% attendance, fair to provide attendance records to Garda National Immigration Bureau for compliance
          2. KELP
            1. 2. Keep information only for one or more specified, explicit and lawful purposes - data subject aware, reason should be legitimate
            2. CUP
              1. 3. Compatible Use Purpose - Use and Disclose in ways compatible with its purpose
              2. TOSS
                1. 4. Technical Organisation Safe and Secure
                2. ARE
                  1. 6. Keep it Adequate, Relevant and Not Excessive
                    1. Supermarket doesn't need to know your blood type
                  2. CAD
                    1. 5. Complete, Accurate, Up to Date
                      1. You are entitled to check it
                    2. RUN
                      1. 7. Retain Un Necessary - for No longer than Necessary
                      2. CAR
                        1. 8. Copy at request
                        2. 8 Data Protection Principles
                        3. Controls the Content and Use
                        4. Data Subject
                          1. Rights - H.E.A.D
                            1. H Have it Erased, Establish Existence, Access to data, To object to Disclosure to third party
                              1. Existence - Writing and Response 21 Days
                                1. Access - Data Subject Access Request (DAR), Writing and Response 42 Days. Controller may require ID and can charge a fee of up to 6,35; request should be logged. Controller should send copy in permanent form
                                  1. Cannot Respond in Full
                                    1. Confidential References, Legally privileged documents, Disproportionate burden, Information related to third party
                                      1. Failure to reply within given time could result in an ODPC complaint process, an audit or a criminal prosecution
                              2. Disclosure requirements to Data Subject
                                1. Identity of Data Controller
                                  1. Reason data is being kept - Keep your own information Up to date etc
                                    1. Any other reasonable information data subject may require
                                    2. human subject /individual
                                    3. Data Processor
                                    4. Types
                                      1. Manual
                                        1. Electronic
                                          1. Email
                                            1. automated
                                            2. Personal Data - Facilitates the identification of the subject
                                              1. Risk - Use data for Improper Use
                                                1. Sensitive Personal Data
                                                  1. Ethnic
                                                    1. Religion
                                                      1. Trade Union Submission
                                                        1. Mental Health
                                                          1. Political Opinion
                                                            1. Info related to the commission or alleged commission of an offence
                                                            2. Express Consent of Data Subject Must be Obtained before Personal Data can be gathered or Processed
                                                          2. Act to Protect - 1988, 2003 - to protect your personal information from unwarranted dissemination
                                                            1. ODPC
                                                              1. Sanctions
                                                                1. Forfeiture
                                                                  1. Court has right to ask for data to be destroyed
                                                                  2. Civil
                                                                    1. Based on Negligence - Tort Law: data controller or processor owes a duty of care to the data subject about whom data is being kept
                                                                      1. Show there was a breach
                                                                        1. That they suffered damages
                                                                          1. That the breach caused the damage
                                                                            1. Example: Pharmacy, married woman, stress in marriage - pregnancy test
                                                                            2. Damages and Injunctions
                                                                            3. Criminal
                                                                              1. An Offence - A fine of up to 3000 per offence on Summary
                                                                                1. Up to 100000 on indictment
                                                                                  1. Electronic communications company security obligations - Fine not exceeding 5000 on summary or 50000 for a natural person to 250000 if the offender is a body corporate
                                                                                2. Office of Data Protection Commissioner
                                                                                  1. Powers
                                                                                    1. CIA
                                                                                      1. C- Conduct Investigations
                                                                                        1. I - Issue Enforcement
                                                                                          1. Compliance
                                                                                            1. Enforcement Notices
                                                                                            2. A - Authorized to Enter Premises
                                                                                              1. Can conduct an audit of this policy
                                                                                                1. E.g.: If you have a policy in place the auditors can check your policy
                                                                                                2. Can engage in Mediation - the complainer and the complaint
                                                                                            3. Stems from European Law
                                                                                            4. Data Security Breach Code of Practice
                                                                                              1. DPC (Data Protection Commissioner) - in July 2010
                                                                                                1. Data controller needs to inform ODPC - where there is a breach in manual or electronic data
                                                                                                  1. An Garda
                                                                                                    1. Financial Institutions
                                                                                                      1. Report in 2 days
                                                                                                        1. Amount of Data
                                                                                                          1. Action being taken to secure and recover data
                                                                                                            1. Action to inform data subjects or reasons not to
                                                                                                              1. Actions to limit damage
                                                                                                                1. Chronology of events
                                                                                                                  1. Measure to prevent it happening again
