Data Sharing And Subject Access

Please use this quick quiz to find out how ready you are for GDPR. Explanations of the questions will be displayed at the end of the quiz.

There are 11 questions

Step 1: Management And Organisational Data Sharing

1.1 Data sharing policy

Your business has communicated policies, procedures and guidance to all staff which clearly set out when it is appropriate to share or disclose data.

Step 1: Management And Organisational Data Sharing

1.2 Accountability

Your business has assigned responsibility to an appropriate member of staff for ensuring effective data sharing.

Step 1: Management And Organisational Data Sharing

1.3 Staff training

Your business provides adequate training on an ongoing basis for staff that are regularly required to make decisions regarding whether or not personal data should be shared with third parties.

Step 2: Data Sharing Records

2.1 Decision log

Your business maintains a log of all decisions to share personal data and this is reviewed regularly.

Step 2: Data Sharing Records

2.2 Information sharing agreements

Your business trains its staff (to ensure that they have sufficient understanding of how) to operate the CCTV system and cameras (if applicable). Your business trains its staff to recognise requests for CCTV information/images.

Step 3: Registration

3.1 Fair processing

our business informs individuals about the sharing of their personal data.

Step 3: Registration

3.2 ICO registration

Your business has considered whether you need to provide the Information Commissioner's Office (ICO) with a description of the individuals or organisations to whom you intend or may wish to disclose personal data.

Step 4: Security

4.1 Security measures

Your business has appropriate security measures in place to protect data in transit, received by your business and transferred to another business.

Step 5: Subject Access

5.1 Subject access process

Your business has a documented process for processing subject access requests which has been effectively implemented. Your business has measures in place to ensure requests are appropriately recognised, timescales are met and the appropriate information is provided.

Step 5: Subject Access

5.2 Accountability and training

Your business has appropriately resourced and trained all personnel assigned responsibility for processing subject access requests. Your business has made all personnel aware of their responsibility to support subject access requests and where in the organisation they should direct requests to.

Step 5: Subject Access

5.3 Compliance monitoring

The process is monitored and reviewed and, where necessary, additional measures have been implemented to improve compliance.

 Thank you for completing the Data Sharing And Subject Access