Children's advocacy in children's hearings: DPIA
Data Protection Impact Assessment (DPIA) in relation to the the provision of an advocacy service for children and young people going to children’s hearings.
8. Incorporating Privacy Risks into planning
Explain how the risks and solutions or mitigation actions will be incorporated into the project/business plan, and how they will be monitored. There must be a named official responsible for addressing and monitoring each risk.
Risk Data processed by other organisation to inform reports to Scottish Government.
Ref ABC1
How risk will be incorporated into planning
Assurances from local providers that they adhere to the Data Protection Act and GDPR and that all personnel are trained to ensure compliance with their responsibilities.
Owner
Scottish Government
Pam Semple
Louise Piaskowski
Risk Security of data in hard copies
Ref ABC3
How risk will be incorporated into planning
Include in plan the agreement that all advocacy workers involved in the possible transportation of hard copies of personal data have been given advice or training on best handling methods and have agreed to adhere to these.
Annual assurances will be obtained from advocacy organisations in relation to all their personnel who may use data in hard copies.
Owner
Advocacy organisations
Scottish Government
Pam Semple
Louise Piaskowski
Contact
Email: CYPAdvocacy@gov.scot
There is a problem
Thanks for your feedback