Personal Data Policy
With changes to the Privacy and Data Protection Act to include the mandatory data breach notification scheme, it is critical that organisations not only have a Personal Data Protection Policy, but a Breach Response Plan in place.
Think you’re covered already?
Here are some questions you should be able to answer “Yes” to:
- 1. Do you have a formal Privacy and Personal Data Policy approved by management and communicated to staff
- 2. Do you provide annual training to employees accessing personal data
- 3. Do you monitor to ensure compliance with laws and regulations relating to personal data
- 4. Have your personal data practices been audited by an independent in the last 2 years
- 5. Have you put in place a Data Breach Response plan and educated employees accordingly
- 6. Is personal data access restricted to those who need it to perform a task
- 7. Do you encrypt stored personal data and personal data backups
- 8. Is personal data encrypted when transferred over the network
- 9. Are mobile devices and laptop hard drives encrypted
- 10. Does your internet security policy prohibit the copying of non-encrypted personal data to removable storage devices or transferring them by email
- 11. And finally, do you have a formal Breach Response Plan
TechBrain can work with you to develop a Corporate Policy for Protecting Personal Information and a Response Plan in case there is a breach.