Data Sharing And Subject Access Please use this quick quiz to find out how ready you are for GDPR. Explanations of the questions will be displayed at the end of the quiz. There are 11 questions Step 1: Management And Organisational Data Sharing 1.1 Data sharing policy Your business has communicated policies, procedures and guidance to all staff which clearly set out when it is appropriate to share or disclose data. Not yet implemented or planned Partially implemented or planned Successfully implemented Not applicable HintStep 1: Management And Organisational Data Sharing 1.2 Accountability Your business has assigned responsibility to an appropriate member of staff for ensuring effective data sharing. Not yet implemented or plannedPartially implemented or plannedSuccessfully implementedNot applicableHintStep 1: Management And Organisational Data Sharing 1.3 Staff training Your business provides adequate training on an ongoing basis for staff that are regularly required to make decisions regarding whether or not personal data should be shared with third parties. Partially implemented or plannedSuccessfully implementedNot applicableHintStep 2: Data Sharing Records 2.1 Decision log Your business maintains a log of all decisions to share personal data and this is reviewed regularly. Not yet implemented or plannedPartially implemented or plannedSuccessfully implementedNot applicableHintStep 2: Data Sharing Records 2.2 Information sharing agreements Your business trains its staff (to ensure that they have sufficient understanding of how) to operate the CCTV system and cameras (if applicable). Your business trains its staff to recognise requests for CCTV information/images. Not yet implemented or plannedPartially implemented or plannedSuccessfully implementedNot applicableHintStep 3: Registration 3.1 Fair processing our business informs individuals about the sharing of their personal data. Not yet implemented or plannedPartially implemented or plannedSuccessfully implementedNot applicableHintStep 3: Registration 3.2 ICO registration Your business has considered whether you need to provide the Information Commissioner's Office (ICO) with a description of the individuals or organisations to whom you intend or may wish to disclose personal data. Not yet implemented or plannedPartially implemented or plannedSuccessfully implementedNot applicableHintStep 4: Security 4.1 Security measures Your business has appropriate security measures in place to protect data in transit, received by your business and transferred to another business. Not yet implemented or plannedPartially implemented or plannedSuccessfully implementedNot applicableHintStep 5: Subject Access 5.1 Subject access process Your business has a documented process for processing subject access requests which has been effectively implemented. Your business has measures in place to ensure requests are appropriately recognised, timescales are met and the appropriate information is provided. Not yet implemented or plannedPartially implemented or plannedSuccessfully implementedNot applicableHintStep 5: Subject Access 5.2 Accountability and training Your business has appropriately resourced and trained all personnel assigned responsibility for processing subject access requests. Your business has made all personnel aware of their responsibility to support subject access requests and where in the organisation they should direct requests to. Not yet implemented or plannedPartially implemented or plannedSuccessfully implementedNot applicableHintStep 5: Subject Access 5.3 Compliance monitoring The process is monitored and reviewed and, where necessary, additional measures have been implemented to improve compliance. Not yet implemented or plannedPartially implemented or plannedSuccessfully implementedNot applicableHint Thank you for completing the Data Sharing And Subject Access E-mail Name Phone Company
