Assurance & Risk

The team make sure the business sticks to regulations and standards, keeps risks under control and follows our policies. They...

BA_InternalAuditProcess_01

This policy provides a framework for ensuring that Bron Afon meets its obligations under the UK General Data Protection Regulation...

Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can...

There are specific principles from the GDPR that inform us how we should collect, store, process and dispose of the...

We are required by law to hold a register of all information we hold that includes personal or ‘special category’...

Security of Bron Afon property and data is vital to ensure that customers have trust in all that we do....

We have a duty under the Data Protection Act to ensure that all personal data is accurate and kept up...

When sharing information with organisations outside of Bron Afon one of the following conditions must be in place: It is...

The Data Protection Act has special rules about what is called “special category data.” This replaces sensitive data from the...

We will ensure that every member of staff is aware of their responsibility to ensure that individual’s data is kept...

The answer is that everyone is responsible. We are all responsible for protecting and keeping secure personal and special category...

Under data protection law, individuals have rights we need to make them aware of. The rights available will depend on...

You need to complete an impact assessment when looking to implement new or amended changes.  Examples of this include changes...