Another excellent article from Dr Soliciors
Top tips to avoid an ICO reprimand
We suggest that you carry out a thorough and regular review of your policies, procedures and training and document the outcome of each review. You may wish to prioritise the following:
- all data protection policies, procedures and staff guidance and training, particularly those relating to the management of data subject requests and requests for access to medical records
- those policies and procedures relating to the removal and redaction of third party and non-personal data and those for data disclosure and sharing
- procedures and training on how to detect and report a personal data breach
- staff data protection instruction and training to confirm that it complies with the ICO’s Accountability Framework. Particular attention should be given to the training of those responsible for managing data subject requests, the removal and redaction of data and the disclosure and sharing of personal data.
Read the full details here:
Data law compliance failures are a growing problem: tips to reduce your risk