Data Protection Essentials for RSLs
Date: Thursday, 18 May 2017
Time: 9.30am to 4.30pm
Cost: £150 per person (includes lunch and slide presentation in electronic format)
In 2017, Data Protection will be high on the agenda of most organisations, particularly since the new General Data Protection Regulation (Regulation) comes into force in May 2018 and brings with it the most significant overhaul of Data Protection law in over 25 years.
RSLs hold personal data on their staff, tenants, owner occupiers and contractors, including sensitive personal data regarding health and criminal convictions. RSLs are increasingly investing in electronic document management systems (eDMS) to save on limited office space and to facilitate access to records across the organisation. While convenient, eDMS give rise to Data Protection issues that RSLs must address.
In preparation for the Regulation, the need for RSLs to undertake an audit of their Data Protection Act 1998 (DPA) compliance and identify areas for improvement cannot be overestimated. Failure to act now could damage reputation or even lead to fines under the Regulation. It could also trigger a notifiable event to the Scottish Housing Regulator.
Daradjeet Jagpal, Legal Consultant and Director of Information Law Solutions, an independent legal consultancy specialising in delivering advisory, audit and training services to RSLs in Data Protection and Access to Information laws, will take participants through the key Data Protection issues faced by RSLs today and outline the practical and cost effective steps they can take to comply with the law.
This interactive event includes an overview of the DPA and will equip participants with the essential knowledge and toolkit to manage their compliance risk, protect their reputation and meet legal requirements when:
collecting personal data, by preparing compliant Data Protection statements;
entering into data sharing arrangements with local authorities and the Police for crime prevention, ASB and tenancy management purposes;
investing in eDMS to store records;
determining how long to keep personal data;
keeping personal data secure, including making use of portable devices, remote working and cloud data storage, managing internal access to personal data and physical data security;
preventing and managing data security breach incidents;
using CCTV and drones for crime prevention and maintenance work inspection;
handling subject access requests for access to personal data;
sharing personal data with contractors and other service providers;
implementing an internal Data Protection policy and monitoring compliance;
operating websites and social media channels; and
starting to prepare for the Regulation.
The event will include case studies for discussion by participants, with useful practical tips and guidance and pitfalls to avoid.
No previous Data Protection knowledge is assumed and the event is suitable for anyone interested in Data Protection, regardless of their role, level of skill or experience. Seasoned practitioners seeking a refresher or insight into Data Protection issues relevant to RSLs will find value in the event.
The cost of the event includes tea and coffee on arrival and break times, networking lunch and the slide presentation in electronic format by follow-up e-mail after the event.
Participants will be issued with an electronic certificate confirming attendance at the event for their training records (6 hours’ verifiable CPD).