Assurance & Risk

This is the disclosure form you need to get the tenant to fill out if they want someone else to...

This procedure must be used in conjunction with our Confidentiality & Data Protection policy. The procedure sets out the process for...

This procedure details how our staff and Board members will be expected to respond to an incident (i.e. breach of...

Personal data – this is information about a living individual who can be identified from that information or from this information and other...

Information security breaches can happen for a number of reasons and may cause harm and distress to the individuals they...

The ICO identifies four elements that should be applied as part of any breach management plan and includes:- Containment and...

The following will be considered:- The type of data involved How sensitive the data is e.g. health records, bank account...

If we ever have occasion to notify the ICO of a breach then we will need to include details of...

Do not:- Use someone else’s password/access code to access information. Leave personal data or sensitive personal data on your desk...

It is important that we evaluate the effectiveness of our response to a breach and not just the cause.  Evaluation...

A contract holder’s data will be collected, stored and shared in accordance with our Privacy Policy which is available on...

Individuals have the right to access and receive a copy of their personal data, and other supplementary information. This is...

A SAR is a request that can be made in writing, by email or verbally asking for access to the...