Data Protection Pocket Guide is a user-friendly guide for anyone who needs to know about the issues involved in data protection. This new edition reflects all the changes that necessitated the publication of BS 10012:2009, including a new chapter on operating CCTV and guidance on modern dilemmas such as using social networks like Facebook and YouTube for business purposes. All the case studies have been updated to reflect current issues and troubleshooting sections give practical advice on what to do in common situations that a busy professional may experience, whatever the size or sector. Real-life case studies bring the subject to life and provide useful material for an organization s training and awareness programme. Foreword Preface Introduction to the Second Edition The new British Standard for Data Protection: BS10012 Structure of this book Chapter 1 Introduction Chapter 2 Notification Chapter 3 Exemptions from notification Chapter 4 Collecting personal information Chapter 5 Using personal information Chapter 6 Data quality Chapter 7 Disclosing and sharing personal information Chapter 8 Transferring personal information outside Europe Chapter 9 Using information in line with individuals rights Chapter 10 Employers and employee information Chapter 11 E-commerce Chapter 12 CCTV Chapter 13 Security and disposal of personal information Chapter 14 Sector-specific guidance for using personal information Chapter 15 Audit, review and checklists Chapter 16 Contact with the Information Commissioner and enforcement action
 Trade In this Item for up to £2.30
Trade in Data Protection Pocket Guide. Essential Facts at Your Fingertips for an Amazon.co.uk gift card of up to £2.30, which you can then spend on millions of items across the site. Trade-in values may vary (terms apply). Learn more
|
Book Description
Frequently Bought Together
Product details
Would you like to update product info or give feedback on images?
|
More About the Author
Discover books, learn about writers, and more.
Product Description
Review
This is a very good piece of work. It is comprehensive and reads easily. The clear non-technical style reflects what we are seeking to produce in our own revised guidance. --Information Commissioners Office (ICO)
I started looking at the book in order to review it but ended up reading it cover-to-cover as it was packed full of interesting advice on how to as well as what to in relation to data protection. Overall, an excellent book that covers a lot of ground in just 124 pages and provides all you need to know to comply with the DPA and start considering whether you need certification to BS10012 or not. --The Chartered Institute for IT
This is a pocket battleship of basic data protection information with which all information security professionals should be familiar when advising or employed in organizations. --ISSG Magazine, Information Security Specialist Group of the British Computer Society
I started looking at the book in order to review it but ended up reading it cover-to-cover as it was packed full of interesting advice on how to as well as what to in relation to data protection. Overall, an excellent book that covers a lot of ground in just 124 pages and provides all you need to know to comply with the DPA and start considering whether you need certification to BS10012 or not. --The Chartered Institute for IT
This is a pocket battleship of basic data protection information with which all information security professionals should be familiar when advising or employed in organizations. --ISSG Magazine, Information Security Specialist Group of the British Computer Society
About the Author
Nicola McKilligan is a privacy and information law consultant with experience of advising business on compliance with the Data Protection act 1998. Naomi Powell is a data protection consultant who holds professional qualifications in both data protection and training practice.
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
What Other Items Do Customers Buy After Viewing This Item?
Customer Reviews
Most Helpful Customer Reviews
4 of 4 people found the following review helpful
By normngrey
Format:Paperback|Amazon Verified Purchase
If you have advanced knowledge in ths area I would advise you not to spend money on this guide. However it is an excellent guide for staff.
This is a very good ready reference for those not too sure what they should be doing when it comes to data protection legislation. There are frequent short case studies which help colour some of the explanations.
This is the second edition published by the BSI and has 16 chapters listed below.
1. Introduction. Who must comply with the DPA, the rules, what personal infomation is protected by the law, when is an organisation processing personal inforamtion, data processors, who enforces the law.
2. Notification. Notifying the IC, consequences of failure to notify, what information is on the register and who has access, maintenance of notification,, notification agencies.
3. Exemptions from notification. Processing for core business purposes, Not-for-profit organisations, Voluntary notification.
4. Collecting Personal Information. Collction, Fair and lawful processing.
5. Using Personal Information. Using the information fairly.
6. Data Quality. Ensuring the quality of the information, Keeping information accurate/adequate & up to date, matter of opinion, correct at the time but now out of date, keep it relevant, do not collect excessive information, keep information no longer than necessary.
7. Disclosing and Sharing Personal Information. Making disclosures, other sharing, special rules for statutory bodies, FAQs, requests from third parties andprivate sector organisations.
8.Tranferring Personal Information Overseas. Who is in the European Economic Area, what is meant by adequate protection, model contracts, binding corporate rules.
9. Using Information In Line With Individuals' Rights. The law and individuals' rights, right of access, right to object to direct marketing, processing that may cause distress or damage to an individual, rights in relation to automated decision-taking, challenges to accuracy thorugh the courts, FAQs.
10. Employer and Employee Information. Using employee data, employment code of practice, staff training in data protection: their liability (and yours).
11. E-commerce. Data Protection Law and the internet, websites, Cookies/web bugs/other spyware, Email/SMS & MMS multimedia messages, payments over the web.
12. Operating a CCTV System. basic rules, CCTV code of practice.
13. Security and Disposal of Personal Information. Secuirty, outsourcing, disposal and destruction of personal information.
14. Sector-Specific Guidance For Using Personal Information. Accountants/solicitors/other porfessionals, consultants, independent financial advisors, credit brokers, private investigators & tracing agents, health professionals, schools, charities/churches/unincorporated not-for-profit organisations.
15. Maintaining Compliance. Accountability and responsibility, policies and procedures.
16. Contact with the Information Commissioner. Dealing with problems, contact from the IC, difference between enforcement and prosecution, who is liable, warrant to search premises, what happens if you are presecuted, dealing withinformation complaints from individiuals, changes to the IC powers.
The information provided is easy to follow and understand. I think this guide should be in every office where personal information is handled with all staff required to read it. It would be worth issuing to every employee handling such information.
This is a very good ready reference for those not too sure what they should be doing when it comes to data protection legislation. There are frequent short case studies which help colour some of the explanations.
This is the second edition published by the BSI and has 16 chapters listed below.
1. Introduction. Who must comply with the DPA, the rules, what personal infomation is protected by the law, when is an organisation processing personal inforamtion, data processors, who enforces the law.
2. Notification. Notifying the IC, consequences of failure to notify, what information is on the register and who has access, maintenance of notification,, notification agencies.
3. Exemptions from notification. Processing for core business purposes, Not-for-profit organisations, Voluntary notification.
4. Collecting Personal Information. Collction, Fair and lawful processing.
5. Using Personal Information. Using the information fairly.
6. Data Quality. Ensuring the quality of the information, Keeping information accurate/adequate & up to date, matter of opinion, correct at the time but now out of date, keep it relevant, do not collect excessive information, keep information no longer than necessary.
7. Disclosing and Sharing Personal Information. Making disclosures, other sharing, special rules for statutory bodies, FAQs, requests from third parties andprivate sector organisations.
8.Tranferring Personal Information Overseas. Who is in the European Economic Area, what is meant by adequate protection, model contracts, binding corporate rules.
9. Using Information In Line With Individuals' Rights. The law and individuals' rights, right of access, right to object to direct marketing, processing that may cause distress or damage to an individual, rights in relation to automated decision-taking, challenges to accuracy thorugh the courts, FAQs.
10. Employer and Employee Information. Using employee data, employment code of practice, staff training in data protection: their liability (and yours).
11. E-commerce. Data Protection Law and the internet, websites, Cookies/web bugs/other spyware, Email/SMS & MMS multimedia messages, payments over the web.
12. Operating a CCTV System. basic rules, CCTV code of practice.
13. Security and Disposal of Personal Information. Secuirty, outsourcing, disposal and destruction of personal information.
14. Sector-Specific Guidance For Using Personal Information. Accountants/solicitors/other porfessionals, consultants, independent financial advisors, credit brokers, private investigators & tracing agents, health professionals, schools, charities/churches/unincorporated not-for-profit organisations.
15. Maintaining Compliance. Accountability and responsibility, policies and procedures.
16. Contact with the Information Commissioner. Dealing with problems, contact from the IC, difference between enforcement and prosecution, who is liable, warrant to search premises, what happens if you are presecuted, dealing withinformation complaints from individiuals, changes to the IC powers.
The information provided is easy to follow and understand. I think this guide should be in every office where personal information is handled with all staff required to read it. It would be worth issuing to every employee handling such information.
Format:Paperback|Amazon Verified Purchase
I have been using this for some time now and have found it very useful to dip into for reference to support compliance work in IT. Although the book does make reference It would be useful from a personal perspective to see a little more on outsourcing arrangements.
Listmania!
Look for similar items by category
Feedback
- Would you like to update product info or give feedback on images?
- I am the Author, and I want to comment on my book.
- I am the Publisher, and I want to comment on this book.
|
