Data Protection and Confidentiality Training Course

Data Protection is a legal requirement for every business and organisation which must be able to demonstrate measures have been taken to ensure confidentiality and the safe handling of information. This is a legal duty on all sectors who collect and store any kind of information.

This online guide will help you to learn how to correctly handle data at Mavens of London.

Back ground

Principles of the DPA 2018

Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’. They must make sure the information is:

  • used fairly, lawfully and transparently
  • used for specified, explicit purposes
  • used in a way that is adequate, relevant and limited to only what is necessary
  • accurate and, where necessary, kept up to date
  • kept for no longer than is necessary
  • handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage

Data processing at Mavens

Working with contractors

special category data

  • Social media posts may contain
    Special category data
  • Blog posts may contain
    personal information
  • i must report a breach if data is lost containing
    personal information or special category data

Breach procedure

  • Notify a data champion or EXCO member immediately
  • Identify what data could have been lost
  • Identify if the data is psonal or special category
  • Report to the ICO
  • Notify all data subjects involved

Permissions

I must obtain permission to process  data, unless in circumstances where it is unreasonable to do so due to the  required. 

If I am unsure about data collection or processing I can check with 

Confidentiality

Guidelines for Dealing with Confidential Information

 

1. Safeguard your username, password and any other access credentials you have for systems and applications that deal with confidential information.

2. Protect mobile devices such as smartphones, tablets and USB drives that contain confidential information.

3. Never leave your computer unattended when confidential information is on the screen.

4. Before transmitting confidential information to others, be sure that:

  • The transmission complies with the law and privacy and security policies;
  • The recipient has a legitimate business purpose for the information;
  • You're sending no more information than is needed by the recipient; 
  • You're sending the information in a protected manner (e.g., encrypted) when called for by the company policies or the law.

5. Retain or destroy confidential information contained in your records in accordance with your record-management policy.

6. Report any security incidents or privacy breaches that you observe or become aware of as soon as possible.

Which one of the following shows respect for confidentiality of information?

  • Discussing confidential information over the telephone.
  • Disclosing confidential information only to authorised individuals.
  • Uploading confidential information to a shared web site.
  • Emailing confidential information to a colleague.

How should confidential information be sent using an unsecured network?

  • In an encrypted format.
  • In a compressed format.
  • In an attachment.

Mark the following statements as true or false.

  • Because you work in a secure building, you can discuss confidential information in an open work area.
  • The Information Security Policy and related policies only apply to electronic and hardcopy records and does not apply to verbal discussions.
  • You should always lock your computer when you are away from your desk.

How to Keep Your Password Safe

How can you keep your password secure?

  • Write it in your notebook.
  • Memorise it.
  • Tell a person who you know you can trust.

What is an example of a strong password?

  • 1234567890
  • G*rbea8$e
  • qwerty123
  • johndoe

Mark the following statements as true or false.

  • Your password should be changed regularly.
  • Whenever possible avoid using password managers.
  • It is OK to share your password with your colleagues.

Wrap-Up

Breaches of workplace confidentiality can result in a range of problems. Customers tend not to work with companies they think are untrustworthy, and consumers may specifically warn people away from companies that have mishandled private information.

This course has been produced so that employees are aware of the ways dealing with confidential information and keeping company data safe.