Upload File

data privacy policy.pdf

4
Data Privacy Policy DMS-201503-Policy-BU Policies-100000 Effective as of 03-03-2015 04:49:43

Upload: kimberly-campbell

Post on 11-Sep-2015

221 views

Category:

Documents


1 download

Report

TRANSCRIPT

  • Data Privacy Policy

    DMS-201503-Policy-BU Policies-100000

    Effective as of 03-03-2015 04:49:43

  • 1 Introduction

    MetricStream needs to gather and use certain information about individuals.

    These can include customers, suppliers, business contacts, employees and other people the organisation has a relationship with or may need to contact.

    This policy describes how this personal data must be collected, handled and stored to meet the companys data protection standards and to comply with the law.

    Why this policy exists

    This data protection policy ensures MetricStream:

    Complies with data protection law and follow good practice Protects the rights of staff, customers and partners Is open about how it stores and processes individuals data Protects itself from the risks of a data breach

    2 Policy

    Policy scope

    This policy applies to:

    The head office of [company name] All branches of [company name] All staff and volunteers of [company name] All contractors, suppliers and other people working on behalf of [company name]

    It applies to all data that the company holds relating to identifiable individuals, even if that information technically falls outside of the Data Protection Act 1998. This can include:

    Names of individuals Postal addresses Email addresses Telephone numbers plus any other information relating to individuals

    Responsibilities

    Everyone who works for or with [company name] has some responsibility for ensuring data is collected, stored and handled appropriately.

  • Each team that handles personal data must ensure that it is handled and processed in line with this policy and data protection principles.

    However, these people have key areas of responsibility:

    The board of directors is ultimately responsible for ensuring that [company name] meets its legal obligations.

    The [data protection officer], [name], is responsible for:

    o Keeping the board updated about data protection responsibilities, risks and issues.

    o Reviewing all data protection procedures and related policies, in line with an agreed schedule.

    o Arranging data protection training and advice for the people covered by this policy.

    o Handling data protection questions from staff and anyone else covered by this policy.

    o Dealing with requests from individuals to see the data [company name] holds about them (also called subject access requests).

    o Checking and approving any contracts or agreements with third parties that may handle the companys sensitive data.

    The [IT manager], [name], is responsible for:

    o Ensuring all systems, services and equipment used for storing data meet acceptable security standards.

    o Performing regular checks and scans to ensure security hardware and software is functioning properly.

    o Evaluating any third-party services the company is considering using to store or process data. For instance, cloud computing services.

    The [marketing manager], [name], is responsible for:

    o Approving any data protection statements attached to communications such as emails and letters.

    o Addressing any data protection queries from journalists or media outlets like newspapers.

    o Where necessary, working with other staff to ensure marketing initiatives abide by data protection principles.

    3 Violations

    Data protection risks

  • This policy helps to protect [company name] from some very real data security risks, including:

    Breaches of confidentiality. For instance, information being given out inappropriately. Failing to offer choice. For instance, all individuals should be free to choose how the

    company uses data relating to them. Reputational damage. For instance, the company could suffer if hackers successfully

    gained access to sensitive data.

    4 Exceptions

    The only people able to access data covered by this policy should be those who need it

    for their work.

    Data should not be shared informally. When access to confidential information is required, employees can request it from their line managers.

    [Company name] will provide training to all employees to help them understand their responsibilities when handling data.

    Employees should keep all data secure, by taking sensible precautions and following the guidelines below.

    In particular, strong passwords must be used and they should never be shared.

    Personal data should not be disclosed to unauthorised people, either within the company or externally.

    Data should be regularly reviewed and updated if it is found to be out of date. If no longer required, it should be deleted and disposed of.

    Employees should request help from their line manager or the data protection officer if they are unsure about any aspect of data protection.


Privacy-Preserving Data Mining - users.cis.fiu.eduusers.cis.fiu.edu/~lpeng/Privacy/Privacy-preserving data mining.pdf · [Cra99b] [AC99] [LM99] [LEW99]). Paper Organization We discuss

Australiawide Mercantile Agency Privacy Policy Privacy Policy.pdf · Licensed and Bonded Debt Collection Agent Member: Institute of Mercantile Agents Page 2 of 15 ... Customers dealing

Data Privacy Plan

Data privacy and security - TechTargetmedia.techtarget.com/rms/pdf/searchHealthIT-data-privacy...Data privacy and security: How hospitals and providers view HIPAA mandates and data

Privacy by Design : Big Privacy for Big Data

Privacy Preserving Categorical Data Analysis with Unknown ... · TRANSACTIONS ON DATA PRIVACY 2 (2009) 185–205 Privacy Preserving Categorical Data Analysis with Unknown Distortion

Data Privacy

water policy.PDF

Introduction to Privacy Technology - UCL Computer Science · Technology and privacy protection Support data protection principles Hard privacy: data minimization (data never leaks)

fferentially Private Real-Time Data Publishing over Infinite ... · key words: privacy preserving data publishing, differential privacy, per-sonalized privacy, location privacy,

T-Support Privacy Policy › ... › TSupport-Privacy-Policy.pdf · technical support 0 PRIVACY POLICY 39A Millers Road - Warwick Warwickshire - CV34 5AE 01926 402261 We are committed

Protecting Data Privacy

Document ID #: MDOC10537 KB: KB0516442 Version: 4.01 ...careers.jobvite.com/servicenow/Privacy Policy.pdf · ServiceNow websites at www ... , as well as expert services, including

Foreign policy.pdf

Victorian Protective Data Security Framework...Commissioner for Privacy and Data Protection Commissioner for Privacy and Data Protection Commissioner for Privacy and Data Protection

Privacy of Correlated Data & Relaxations of Differential Privacy

Arkadin Data protection & privacy white paper · 6 I ARKADIN DATA PROTECTION & PRIVACY WHITE PAPER ARKADIN DATA PROTECTION & PRIVACY WHITE PAPER I 7 Objectives Data protection is

Data Privacy meeting

Cyber Security and Privacy - EIT Digital · • Cyber privacy − Data privacy in cyberspace • Data privacy − User’s control + Security of sensitive data: • About citizens,

solar policy.pdf

energy policy.pdf

HR Policy.pdf

Data Privacy & Data Security

Ethiopia_4_of_6_ARD policy.pdf

Privacy & Data Protection

Data Privacy Guidelines

Upholding Data Privacy

Student Data Privacy

Data Protection - Security and Privacy and Data... · Data Protection - Security and Privacy ... Data Protection - Security & Privacy Page 1 1. Introduction In todays world data collection

Data Privacy - Teagasc

Privacy preserving data mining Li Xiong CS573 Data Privacy and Anonymity

EY s data privacy service offering › Publication › vwLUAssets › ey-data... · challenges around data privacy. But companies that take a compliance-centric approach to data privacy

Data Publishing Techniques and Privacy Preserving - Infonomics … · 2020-01-15 · Healthcare data with privacy, maintaining privacy of healthcare big-data, privacy preserving cloud

Privacy Preserving Data Mining, a Data Quality Approachpublications.jrc.ec.europa.eu/.../ppdm_data_quality... · data quality context, Orr notes that data quality and data privacy

Privacy Policy - Australian Islamic College Policy.pdf · Privacy Policy.docx P a g e 5 Electronic Storage of Information The College may use online or “cloud” service providers