
GDPR Breach Procedure – What are the definitions?

Personal data – this is information about a living individual who can be identified from that information, or from that information together with other information which the data controller already possesses. It can include expressions of opinion about a data subject.

Sensitive Personal Data – Under the DPA, this is personal data that relates to:

  • Racial or ethnic origin
  • Political opinions
  • Religious belief or similar
  • Trade Union membership
  • Physical/mental health condition
  • Sexual life
  • Commission or allegation of an offence
  • Proceedings for any offence
  • Disposal of proceedings or sentence

Data Controller – an individual or an organisation who decides the manner and purpose of how personal data is processed.

Breach (incident) – a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed. This means that a breach is more than just losing personal data.

Information security breaches can happen for a number of reasons and may cause harm and distress to the individuals they affect.

A data security breach can occur due to:

  • The loss or theft of data or equipment on which data is stored
  • Unauthorised use because of inappropriate access controls
  • Equipment failure
  • Human error
  • Fire or flood
  • Hacking
  • Information obtained through deceit

If any of the following types of incident (breach) occur (this list is not exhaustive) then you need to report it immediately to the Business Assurance Manager on (01633) 620349 or at data.protection@bronafon.org.uk.
