Evaluating Safeguarding Data Risk with DPIA: Child Protection
A Data Protection Impact Assessment (“DPIA”) is a type of risk assessment in which an organisation identifies the data protection risks associated...
1 min read
9ine : Mar 25, 2020 9:42:00 PM
In our previous blog, "Data Protection Guidelines for Remote Working and Data Sharing," we published some simple steps to help you identify the risks and mitigating actions of remote working and data sharing. In this blog, we share an essential Data Processor Assessment to assist you in the assessment and deployment of new software tools that you may be implementing to help overcome challenges during the COVID-19 pandemic.
For the majority of organisations, remote working is now a reality. With providers offering different solutions to cater to the needs of their customers, ranging from remote learning to collaborative staff workouts, the requirement to protect the personal data being processed and ensure it remains safe and secure is now more important than ever.
Download 9ine's Data Processor Assessment to assist you in the deployment of new software tools.
As a Data Controller, you are responsible for making sure personal data is processed in accordance with data protection laws. You are required to make sure that all data processors you are using provide sufficient guarantees and have the appropriate technical and organisational measures in place.
To help you determine if a solution has the appropriate measures in place, the first step is to complete a Data Processing Assessment, which will help you identify any processing risks. You can then decide whether you are happy to accept those risks, make changes to reduce them, or opt to use a different Data Processor.
To assist schools during this challenging time, 9ine has developed a comprehensive Data Processing Assessment tool that is available to all schools, without obligation and free of charge.
Once you receive your data processor assessment, you simply work through the processing questionnaire and contract clauses checklist. To further support your school, we are providing an hour of free consulting time. Our consultants will review your assessment(s) and support you in determining any risks and next steps. We look forward to discussing your assessments and supporting you in evidencing your decisions to use new platforms throughout your organisation.
ABOUT THE AUTHOR:
Judith Downing, Senior Data Protection Consultant, has almost 20 years of experience working in the field of data protection, has a BCS Practitioner Certificate in Data Protection and is also a certified GDPR practitioner. She currently advises schools in the UK, Europe and internationally on all aspects of data protection compliance either through our service desk or on-site audits.
A Data Protection Impact Assessment (“DPIA”) is a type of risk assessment in which an organisation identifies the data protection risks associated...
In this fifth blog in the series, we look at Incident Management, following the guidance from the UK National Cyber Security Centre (NCSC). We...
Cyber Security Guidance from the Charity Commission