Ohh! very nice
8:22 a.m.
Your business has communicated policies, procedures and guidance to all staff which clearly set out when it is appropriate to share or disclose data. | |
Your business has assigned responsibility to an appropriate member of staff for ensuring effective data sharing. | |
Your business provides adequate training on an ongoing basis for staff that are regularly required to make decisions regarding whether or not personal data should be shared with third parties. | |
Your business maintains a log of all decisions to share personal data and this is reviewed regularly. | |
Your business has agreed data sharing agreements with an appropriate legal basis with all parties with whom personal data is routinely shared or where large quantities of data are to be transferred. These agreements are regularly reviewed. | |
Your business informs individuals about the sharing of their personal data. | |
Your business has considered whether you need to provide the Information Commissioner's Office (ICO) with a description of the individuals or organisations to whom you intend or may wish to disclose personal data. | |
Your business has appropriate security measures in place to protect data in transit, received by your business and transferred to another business. | |
Your business has a documented process for processing subject access requests which has been effectively implemented. Your business has measures in place to ensure requests are appropriately recognised, timescales are met and the appropriate information is provided. | |
Your business has appropriately resourced and trained all personnel assigned responsibility for processing subject access requests. Your business has made all personnel aware of their responsibility to support subject access requests and where in the organisation they should direct requests to. | |
The process is monitored and reviewed and, where necessary, additional measures have been implemented to improve compliance. |
© 2019 The Document Warehouse UK Ltd