This book is a practical guide to complying with the legislation set out in the Data Protection Act 1998
Chapters
- Processing Data, Ruth Boardman
- Consequences of Failure, Ruth Boardman
- Preparations for Audit, Ruth Boardman
- The Audit, Ruth Boardman
- Basic Compliance 1: The Strategy, its Promulgation and Enforcement, Ruth Boardman
- Basic Compliance 2: Notification, Ruth Boardman
- Principle 1: Fairly and Lawfully, Ruth Boardman
- Principles 2 to 5: Data Quality, Ruth Boardman
- Principle 5: Data Subjects’, Ruth Boardman
- Principle 7: Security, Ruth Boardman
- Principle 8: Transborder Dataflows, Ruth Boardman
- Special Cases, Ruth Boardman
- Electronic Mail, Ruth Boardman
- Maintaining Data Protection Compliance, Ruth Boardman
- Checklist for the Data Protection Officer and others, Ruth Boardman
1. Processing Data
Processing, The players
2. Consequences of Failure - Ruth Boardman
Criminal sanctions, Legal actions, Bad publicity
3. Preparations for Audit
Role and scope, Procedures, The Commissioner’s Audit Manual
4. The Audit
Records and their processing, Data Subjects, Files, Processing, Checklist of audit questions, Interpreting the results of the audit
5. Basic Compliance 1: The Strategy, its Promulgation and Enforcement
Strategy, The Data Protection Officer, Policy and procedures, Contracts, Promulgation, Enforcement
6. Basic Compliance 2: Notification
Notification, Exemptions, Practicalities 1: how to notify, Practicalities 2: keeping the notification up-to-date
7. Principle 1: Fairly and Lawfully
Fairness, Preconditions to processing, Lawfulness, Practical conclusions
8. Principles 2 to 5: Data Quality
2nd Principle: the purpose, 3rd Principle: adequate, 4th Principle: accurate and up-to-date, 5th Principle: no longer than necessary, The Purposes: a checklist
9. Principle 5: Data Subjects’ Rights
Data subjects’ rights, Right of access
10. Principle 7: Security
7th Principle, Security assessment, Employee assessment, Data processors
11. Principle 8: Transborder Dataflows
The prohibition of transfer, Types of data transfer, Possible solutions to the 8th Principle prohibition
12. Special Cases
Special types of data, Exemptions, Transitional arrangements
13. Electronic Mail
Ordinary Mail, Why e-mail is different, Monitoring e-mails, An e-mail policy – some checklists
14. Maintaining Data Protection Compliance
The changing law, The changing organisation, Data Protection Officer’s report to the Board
15. Checklist for the Data Protection Officer and others
Relations with the Board, Relations with Human Resources Department, Relations with the IT Department, Relations with the webmaster, Relations with Corporate Security, Relations with the Legal Department, Relations with Direct Marketing and Publicity, Relations with foreign subsidiaries and partners, Relations with Information Commissioner.