
DPA compliance solution


Published on August 18, 2008

Author: oguntala

Source: authorstream.com


Slide 1: DPA protection Manager (DPA) software for Data protection Managers & Data controllers

www.riesgoriskmanagement.com
8/18/2008 www.riesgoriskmanagement.com || Data Protection Act compliance solution

Slide 2: Introduction

Our solution takes the following steps for complying with Data Protection:
- ICO notification
- Policies and guidelines
- Implementation planning and execution
- Project assessment
- Asset assessment
- Operational handover

Our solution is beneficial to the following stakeholders:
- Data protection manager
- Data controllers
- Project managers
- Information security manager
- Internal auditors
- Asset owners

Our intranet solution can be deployed so that it integrates seamlessly with all your business units.

Slide 4: The Data protection compliance framework

Stakeholders:
- Data controller
- Internal Audit
- Information Security Manager
- Project managers
- Data Protection manager

Slide 5: Operational overview

[Diagram] Labels: H, M, L; Principle assessment; Org chart; Policies; Guidelines; Log in mgmt; Business units; Data Protection; Compliance & Assurance; Real time interaction; DPA; 3rd parties; Outsourced parties; Alert; System setup; Contract & data processing agreement.

Slide 6: Our Services to DP Managers

[Diagram] Labels, in the order they appear:
- Company: New to DPA implementation; Some DPA implementation; Mature DPA implementation
- Policy writing; Registration with ICO; Supporting Data controller; Knowledge transfer
- Policy writing; Supporting Data controller
- Full solution; Scale down solution; Audit ongoing periodic
- Full solution; Scale down solution; Audit ongoing periodic
- Audit ongoing periodic
- Gap analysis; Full solution
- New/small companies; SME; Large companies; Government clients; Security clearance

Slide 8: 1st step of Data protection: ICO notification

Notification form

Part 1: Data controller (DC)
- Name (correct legal title of the individual or organisation)
- Address (address of the organisation or person who has filled in the form)
- Company registration number (registration number, if a company)
- Contact name (name of a contact person for the organisation)
- Email (email of the contact person)
- Telephone (contact telephone)

General description of the personal information being carried out by the data controller
- Purpose [dropdown list of purposes] : new purpose
- Data subjects [dropdown list of data subjects] : new data subjects
- Data classes [dropdown list of data classes] : new data classes
- Recipients [dropdown list of recipients] : new data recipients
- Transfers : Yes/No

Part 2: Security statement
DC's general description of the measures to be taken for the purpose of protecting against unauthorised or unlawful processing of personal information and against accidental loss or destruction of or damage to personal information:
- Statement of information security policy
- Controlling physical security
- Controls on access to information
- Business continuity plan
- Staff training security systems and procedures
- Detecting and investigating breaches of security when they occur

Trading names
- Trading names or aliases

Statement of exempt processing
- Do you do any processing that you are not required to notify – Yes/No
- Reason:
  - Any processing of structured manual records
  - Purposes of staff administration
  - Purposes of advertising, marketing and PR
  - Purposes of accounts and records
  - Non profit – membership administration

Voluntary notification

Representative name and address [if non EEA]

Declaration

Form controls: Save, Export, Print, Edit. Last updated – 12/03/08

Slide 9: 2nd step policies & guidelines

Slide 10: 3rd step Implementation plan

[Diagram] Labels:
- Setup organisation; Setup Business units; Setup Business unit Point of contact
- DPA Manager; Legal; Audit; Data controller; Head of BU
- Policy confirmation: Business purpose; Retention Policy; Minimum data; Accuracy & relevance; Rights; Security
- BU DPA db; Policy dissemination; BU Projects
- DPA Assessment: N, EX, Y

The eight principles assessed:
- 1st Fairly & Lawfully
- 2nd Notified purpose
- 3rd Minimum data
- 4th Accuracy & kept up to date
- 5th Retention
- 6th Rights
- 7th Security
- 8th Outsourcing

Slide 11: Organisation setup

[Diagram] Labels: Org Chart mgmt; Business units; Data Protection; Compliance & Assurance; Information Security Manager.

Slide 12: 4th step intro - DPA project and asset assessments

[Diagram] Labels:
- Project name
- Does this project involve the collection, storage and/or use of personal data - PD determinator
- Purpose: Select from Purpose policy
- Minimum data: Associated Minimum data
- Accuracy of data: Select from Accuracy guideline
- Assets: Does this Asset involve the collection, storage and/or use of personal data - PD determinator
- Retention: Associated Retention policy
- Rights: Confirm Rights compliance
- Security: New; Existing; Risk assessment
- Outsource: Contractual Data processing agreement
- Db: Purpose policy; Accuracy guideline; Retention policy; Rights compliance; Contractual agreement; Minimum data guideline
- Asset database
- Report

Slide 13: 4th step DPA project assessment (1)

[Diagram] Labels:
- Project manager: Register project; Project Details; DPA Assessment; Request DPA certificate; DPA Assessment results; Mitigation plan; Pass; Fail
- BU Point of contact: View BU DPA dashboard; My tasks; Projects; DPA; View organisation dashboard
- Alert: 8, 5, 7; View Alerts; Policies

Project name | Project contact | Project ID | Principle(s) | Gate | Comments | Date
helix | M Turner | 654562 | 2, 6, 7 | 2 | Comments | 1/2/08

Slide 14: 4th step - Data protection manager software – project assessment (2)

[Diagram] Labels:
- Project manager
- Project characteristics: Lawful processing; Outsourcing; Notified purpose; Minimum data; Accuracy; Retention; Rights; Data security
- DPA assessment:
  - Client notification - who, why & choices
  - Select from business purpose
  - Minimum data associated with business purpose
  - Options for clients to keep info up to date
  - Retention policy associated with the business purpose
  - Copy of personal information; Request stoppage; Cease or not begin processing; Not to make decision; Seek compensation
  - Risk management; Business impact assessment
- DPA assessment results: Y / N / exception (one result for each of the eight items)
- DPA dashboard
- Outsourcing involved; Data processing agreement
- Alert: 8, 5, 7

Slide 15: 5th/6th step – operational handover - DPA Dashboard

Alert: 8, 5, 7

Project name | Project contact | Project ID | Principle(s) | Gate | Comments | Date
helix | M Turner | 102324 | 2, 6, 7 | 2 | Comments | 1/2/08
helix | M Turner | 432345 | 7 | 2 | Comments | 1/2/08
helix | M Turner | 654562 | 2, 6, 7 | 2 | Comments | 1/2/08
helix | M Turner | 987878 | - | 2 | Comments | 1/2/08

DPA Manager and Analyst will be able to log on to the DPA compliance tool and see the Dashboard.

Details:
- Project name: Helix
- Type: Asset/Project
- Project contact:
- Start date:
- Current milestone:
- Business unit:

DPA assessment result:
- 1st principle – pass
- 2nd principle – pass
- 3rd principle – pass
- 4th principle – pass
- 5th principle – pass
- 6th principle – pass
- 7th principle – fail
- 8th principle – pass

Assets: 3, 4, 7
Projects: 1, 2, 3

Policies: PD determinator; Purpose; Accuracy; Minimum data; Retention; Security
Updated – 12/08/08; Updated – 11/01/07; Updated – 11/01/07; Updated – 11/01/07; Updated – 11/01/07; Updated – 11/01/07
Edit

Slide 16: Getting started

- Email – info@riesgoriskmanagement.com with information of your request
- Project cost negotiation:
  - Notification solution: £3,500 + 2 weeks man hours
  - Entry solution: £8,750 + 2 months man hours
  - Hybrid solution: £17,900 + 4 months man hours
  - Deluxe solution: £25,950 + 4 months man hours
- Project implementation
- Delivery and handover
- Support solutions:
  - Manned on site service (full/part time)
  - Offsite support
  - On demand support
