IET Guidelines for Volunteers: Data Protection
|
|
- Audra Wilkerson
- 6 years ago
- Views:
Transcription
1 SERIAL NO: Issue No: 3.0 IET Guidelines for Volunteers: Protection Effective Date Approved by Author February 2012 Executive Committee Richard Best Date of Last Review Reviewed By Date of Next Review February 2015 Lesley Roe February 2016 Distribution All Volunteers Change History Version Author Date Summary of changes 3.1 Lesley Roe February 2015 No changes this year 3.0 Lesley Roe February 2014 Updated and general tidy up 2.0 Camille February 2012 Restructured, revised and updated. Hiemstra 1.3 Katy Turff August 2011 Addition of Appendix C listing countries with adequate protection to meet UK Protection Act requirements. Minor amendment to definitions. 1.3 Richard Best July 2011 Minor updates, updated links, inclusion of reference to subsidiaries 1.2 Diane Pemberton CONTENTS February Henny Shone February 2008 General update. Addition of Clause 27 regarding submission to the IET of data collected by volunteers. 1. Introduction 2. Summary Protection Policy 3. Protection Principles 4. Guidelines 5. Responsibilities 6. Appendix A: Countries with adequate protection to comply with the UK Protection Act Definitions Version 3.0 Page 1 of 10
2 1. INTRODUCTION As part of our strategy to achieve both our charitable and business objectives, the Institution of Engineering and Technology (the IET) and our associated organisations process personal information about IET members, customers and other external contacts; and market to these individuals IET products, services, events and qualifications. The IET activities of processing personal information and marketing to individuals are governed by UK legislation and regulations such as the Protection Act, and the Privacy and Electronic Communications Regulations (see for details). Good information handling enhances the IET s reputation by increasing member, customer and partner confidence in the organisation. protection is the responsibility of all members and volunteers as well as all staff and agency or contract employees. These guidelines will assist in the understanding and interpretation of the Protection Act and are best read in conjunction with the IET Protection Policy. Definitions, and explanations, of the terms used are given below. 2. SUMMARY DATA PROTECTION POLICY The IET Protection Policy (available separately) addresses the use of personal information about living and identifiable individuals. The processes and procedures of the IET will be compliant with the Protection Act, the eight data protection principles, and the terms of the Privacy & Electronic Communications Regulations, insofar as they apply. The organisation will regularly monitor for compliance. protection is the responsibility of all IET volunteers who have access to any personal information in connection with IET activities. Individuals should use their judgement to determine compliance with the Protection Policy and guidelines. The IET will provide appropriate training, guidance and support, but if in doubt, advice should be sought from the IET Compliance Officer. Any volunteer found to have acted contrary to this policy and related guidelines may be subject to investigation which could result in suspension from volunteer activities involving access to personal information. The IET will take all necessary steps to minimise the risk of civil action being taken against it by the Information Commissioner. It will deal promptly and efficiently with any query, complaint, action, or threatened action, and make any necessary amendments to its policies, processes and procedures to ensure continuing compliance. 3. DATA PROTECTION PRINCIPLES Eight principles are defined to ensure personal information of living and identifiable individuals is handled and processed properly. This includes any action from acquiring or processing the data, including sensitive personal information which relates to racial or ethnic origin, health, political views, religious beliefs, sexual life, trade union membership etc. Although financial data is not covered by the Act, it is recommended that this is treated as sensitive data. Failure to observe these principles puts the professional reputation of the IET at risk. It may result in the Information Commissioner issuing an enforcement notice or criminal prosecution in respect of unlawful Version 3.0 Page 2 of 10
3 disclosure, unlawful obtaining or procuring of personal information, unlawful selling or offering to sell personal information etc. The eight Protection principles state that: 1. Personal Information must be fairly and lawfully processed o Personal information will only be collected with explicit or reasonably implied consent; this may be as part of initiating or entering into a contract. For example, a person applying for membership of the IET will receive information (by post or electronic means) about our various activities, unless they tell us they do not want this. If they choose to opt-out of marketing, they will continue to receive essential communications regarding their membership as defined in the Royal Charter and Bye-Laws. o Manual collection of addresses from third party websites for marketing purposes is not permitted as the individuals will not have had the opportunity to give their consent. o Personal information should not be collected from minors under 16 without prior advice and agreement from the Compliance Officer. 2. Personal information must be processes for limited purposes In practice, the second data protection principle means that you must: o be clear from the outset about why you are collecting personal information and what you intend to do with it o comply with the Act s fair processing requirements including the duty to give privacy notices to individuals when collecting their personal information o ensure that if you wish to use or disclose the personal information for any purpose that is additional to or different from the originally specified purpose, the new use or disclosure is fair. 3. Personal information must be adequate, relevant and not excessive o The personal information collected should be adequate and relevant for the purposes identified. Do not ask for more information than you need for the stated purposes. 4. Personal information must be accurate, and where necessary kept up to date o The IET will make every effort to ensure that personal information is accurate. When individuals tell us about changes to their details we must update our records to reflect this. 5. Personal information must not be kept for longer than necessary o The IET can keep personal information for as long as this is deemed reasonably necessary. o Each department must determine what personal information they hold, why it is needed, where it is kept and for how long remember to include archived data in the data retention schedule. o Do not keep data just in case. It is good practice to organise data purge days on an annual basis to dispose securely of data that is no longer needed. 6. Personal information must be processed in line with the rights of individuals Individuals have a right to: o Access the information the IET holds about them. This is called a Subject Access Request; more detail can be requested from the Compliance Officer. An individual has a right to see a copy of the personal information the IET holds about them, including duplicate copies where there may be, unintended, discrepancies in the data. The IET is required to respond within 40 days of receipt of the request and sufficient information to identify the individual. More Version 3.0 Page 3 of 10
4 o information about compliance to a Subject Access Request is available at the Information Commissioner s web site. Oppose to their details being processed for marketing purposes, this is called opting out. Every marketing message sent out must give recipients the opportunity to opt-out. When an individual opts-out of marketing, this must be acted upon immediately. 7. Personal information must be secure This includes technical, physical and organisational security. o Only those people who need to will be granted access to personal information o The IET will implement physical security measures to protect personal information o The IET will implement organisational controls to protect personal information The IET Information Security Policy should be viewed in conjunction with the Protection Policy Particular attention should be paid to: o Password Management o Secure Disposal Provision Advice on this can be obtained from the Compliance Officer. 8. Personal information must not be transferred outside the European Economic Area (EEA) unless there is adequate protection 1. o The IET can transfer personal information outside the EEA providing there are sufficient controls in place. This will most often mean that the IET will enter in a contractual relationship with a company to ensure that the data receives the same level of protection as in the UK. 4. GUIDELINES This document applies to: Personal information which is data relating to a living individual who can be identified from those data, or from those data and other information which is in the possession of, or is likely to come into the possession of, the controller. And relates to: All electronically processed personal data and information contained in certain manual records. Examples of where personal information can be held: Electronic records and media, e.g. databases, files, tapes, s etc. Manual records where there is evidence of a structured filing system; such as personnel files, member & customer files, training records, card indexes and paper lists of customer contracts s and voic s where the focus is on an individual CCTV recordings, video and photo s All volunteers dealing directly with personal information will be required to take part in training relating to the Protection Act, included in volunteer induction and refresher training. Personal information must only be processed in accordance with IET instructions and procedures. 1 Countries in the European Economic Area and deemed as having adequate protection are listed at Appendix A Version 3.0 Page 4 of 10
5 may only be used for the IET s business and for the purpose for which it has been compiled. Personal information should be protected in accordance with the IET Information Security Policy. Users accessing IET data over the web should log out of the secure site as soon as their query has been completed. No personal information held by, or on behalf of, the IET should be sold or inappropriately disclosed to a third party. Prior to the collection of personal information or the deployment of a process, system, service or application etc. which involves using personal information, a review should be held to determine: (a) (b) (c) (d) (e) (f) (g) (h) what personal information is to be collected, and its sensitivity; why this personal information is required the purpose ; the amount of personal information required to be collected; the retention period to keep the personal information; how the information (in electronic form and hardcopy) will be protected; where the information will be held (electronic & physical location); who will have access; the process by which the information will be disclosed in the event of a Subject Access Request. (see for details). For further information please contact the Compliance Officer. Any volunteer storing personal information on behalf of the IET is responsible for ensuring adequate controls are in place for its protection. All data must be encrypted and/or password protected before it is transferred. All devices used to store and transfer data (such as laptops or USB memory sticks) must be encrypted. Any new purposes for collecting data should be communicated to the IET Compliance Officer. Personal information should be held with an indication as to the date of its collection or modification and review or deletion. The collection and processing of sensitive personal information (e.g. racial or ethnic origin, health, political views, religious beliefs, trade union membership etc.) requires very strict controls. Sensitive personal information should only be collected with the explicit consent of the individual it pertains to, and should not be collected without prior authorisation from the IET Compliance Officer. All external requests for disclosure by the individual whose data it is (Subject Access Requests, police enquiries etc.) should be forwarded to the IET Compliance Officer, who will coordinate and collate the response. Volunteers must submit all details of IET members, prospective members, event delegates and any other individual who has disclosed their contact (and other) details in connection with the IET whenever requested by the Compliance Officer. This instruction takes precedence over all other guidelines. transfer will be compliant with the data protection laws of the country of collection. Version 3.0 Page 5 of 10
6 5. RESPONSIBILITIES Where relevant, all volunteer role descriptions should contain a statement clearly defining their responsibilities to safeguard data. The IET will obtain and maintain all necessary data protection notifications, keep its notifications current and under regular review, and ensure that all necessary amendments are promptly made. The public register can be searched here: The IET will ensure that its practices relating to the holding, use and disclosure of personal information are always in accordance with its data protection notification. The IET Compliance Officer is responsible for the IET interaction with the Information Commissioner s Office and overseeing the IET data protection governance process. Contact with the ICO should always be with the prior knowledge of the Compliance Officer. Regular self-assessments of IET volunteer activities should be carried out to check compliance to the Protection Policy and related policies. Reports on the status of compliance will be reported to the Board of Trustees. Clear guidance should be set on the retention period for personal information and the period it is available to process for a particular purpose. For example, in the case of mailing labels provided by the IET, these should be used within ten days and then deleted. A fresh dataset should be requested for each subsequent mailing. Or, in the case of candidate applications for Registration, data should be held only from the point of receipt of a candidate application to completion of the process. Should the candidate appeal, IET staff will resend the necessary information. Volunteers should ensure the safe removal of personal information from all files and systems. The Compliance Officer will ensure that any request for transfer of data outside the volunteer s country of residence or country of data collection will be compliant with data protection laws of the respective country. If there is any doubt about the requirements of this Protection Policy and guidelines, volunteers should seek advice from the IET Compliance Officer. Version 3.0 Page 6 of 10
7 6. APPENDIX A: Countries with adequate protection to comply with the UK Protection Act 1998 Countries in the European Economic Area (EEA) Austria Belgium Bulgaria Cyprus Czech Republic Denmark Estonia Finland France Germany Greece Hungary Iceland Latvia Liechtenstein Lithuania Luxembourg Malta Netherlands Norway Poland Portugal Romania Slovakia Slovenia Spain Sweden Ireland Countries outside the EEA deemed to have adequate protection to comply with the UK Protection Act 1998: Andorra Argentina Canada Faroe Islands Guernsey Isle of Man Jersey Switzerland Version 3.0 Page 7 of 10
8 7. DEFINITIONS Term Consent Implied (Implicit) & Explicit Cookies collection from minors Controller Processor Definition Consent is one of the conditions under which personal information may be processed. See processing. The majority of the IET s processing activities are as a result of the data subject implicitly or explicitly giving consent. For example, a caller requesting information or giving feedback about the IET will implicitly expect their name address and or contact details to be processed in order to address their call. The caller might not expect information relating to their age or occupation to be requested. If it is required, there may need to be an explanation as to why this information is necessary whereupon the caller may consent to the information to be used. Date of birth may be used to distinguish between two individuals of the same name living at the same address. This may need to be explained. For example, an online registration is where information will be collected with explicit consent i.e. the individual registering is freely giving the IET personal information. The IET must still ensure that the request for information is not excessive. Only request sufficient information to enable the IET to maintain a relationship with the individual in order to provide the service that is being offered. Cookies are small pieces of text that a Web site can store on your computer and recover later to identify users and track data relating to them when they are visiting a web site. They are also used to identify whether you have visited that site before and if so recall the information about you already collected and stored. The IET Cookies statement is available here. Personal information must only be collected from minors with the explicit and verifiable consent of the minor s guardian / parent unless the minor is aged 16 years or over, the information is restricted to that necessary to enable the minor to be sent further but limited on-line communications and it is clear that the minor understands what is involved. Information about the minor s parents or guardian may not be collected. This is the IET as an organisation. It is responsible for the personal information it controls. Where the IET processes personal information on behalf of another organisation, there should be clear guidance, given in writing to the IET (the data processor ), regarding the purpose of use of the data and how it is to be processed. The IET will offer the same safeguards as though it were the controller of the data. Similarly, where the IET contracts a third party to perform a function on its behalf then the third party is a data processor. The IET is still obligated under the Protection Act. Version 3.0 Page 8 of 10
9 Term Protection notification Compliance Officer Subject Information Commissioner Definition The Protection Act 1998 requires every data controller who is processing personal information to provide a description of the type of processing of personal information the notification to the Information Commissioner unless they are exempt. The IET s registration is held in a public register and may be viewed at Having registered, the IET must ensure its processing does not deviate from its notification or update the notification. If a required purpose of use is outside the current notification, the notification must be updated. Contact the Compliance Officer to facilitate a timely update. The individual within the organisation with responsibility to oversee compliance and liaise with the Information Commissioner s office. This is the Compliance Officer. They can be contacted using the following address: compliance@theiet.org and telephone number: A living individual, who is the subject of the personal information. Where information is held about an individual because of their official business capacity - i.e., information about a Manager of an organisation; their name, company name, work address; contact details in most cases, the individual is not regarded as a Subject. The exception to this rule is where the individual is a sole trader or partnership. The Information Commissioner enforces and oversees the Protection Act 1998 (DPA) and the Freedom of Information Act 2000 (FOI). The Commissioner is a UK independent supervisory authority reporting directly to the UK Parliament and has an international role as well as a national one. The Information Commissioner s Office is very helpful. In the event of a query or inappropriate disclosure, it is good practice to contact the Information Commissioner s office and seek their advice. Such contact will be arranged via the Compliance Officer. More specific contact information is available on the Commissioner s web site Personal information Information that uniquely locates or identifies an individual by distinguishing him or her from others. Includes an individual s name, address, address, home or mobile phone number, age, date of birth, education, qualifications and sensitive data (see definition below). IET comments about, or plans for, an individual are also included. In the on-line world, personal information include profile information collected about an individual by tracking systems, such as those that use cookies. The IET holds personal information about employees, members, non-members and various other stakeholder individuals. Where information is held about an individual because of their official capacity - i.e., information about a Manager of an organisation; their name, company name, work address; contact details this is not classed as personal information. By comparison, data collected about an individual, say Joe Smith, such as his job title and company of employment is classed as personal information. Version 3.0 Page 9 of 10
10 Term Processing Definition Processing is defined in the widest sense. This includes collecting, recording, storing, reading, modifying, using, transmitting, transferring, disclosing, archiving and deleting. A data subject s personal information may only be processed by the IET if one of the following conditions are met: the individual has consented to the processing; processing is necessary for the performance of a contract with the individual, or start negotiating a contract; processing is required under a legal obligation, other than a contractual one; processing is necessary to protect the vital interests of the individual; processing is necessary to carry out public functions, e.g., administration of justice; processing is necessary in order to pursue the legitimate interests of the IET or third parties and is not unfair to the individual; The majority of the IET s processing activities are as a result of the first two criteria. Purpose of Use Sensitive Statistical or Anonymised Subject Access Request The stated organisational activities for which the personal information are, or will be used, as decided by the IET. Refer to Direct Marketing Policy & Guidelines for standard wording to be used on all forms collecting personal information. Sensitive personal information includes, but is not limited to, racial or ethnic origin, health, political views, religious beliefs, sexual life, trade union membership etc. Although financial data is not covered by the Act, it is recommended that this is treated as sensitive data. Sensitive data may only be collected with explicit consent. Statistical data (or anonymised data) is where the identity of an individual has been removed such that processing beyond that described in the purpose for use may occur. Care should still be taken when processing statistical data because the IET may still keep the source data, and therefore may retain the capability to subsequently identify the individuals from the anonymised data. An individual has a right to see a copy of the personal information the IET holds about them, including duplicate copies where there may be, unintended, discrepancies in the data. The IET is required to respond within 40 days of receipt of the request and sufficient information to identify the individual. More information about compliance to a Subject Access Request is available at the Information Commissioner s web site. All subject access requests must be notified to the Compliance Officer as soon as it is received. Version 3.0 Page 10 of 10
GDPR Implications for ediscovery from a legal and technical point of view
GDPR Implications for ediscovery from a legal and technical point of view Friday Paul Lavery, Partner, McCann FitzGerald Ireland Meribeth Banaschik, Partner, Ernst & Young Germany mccannfitzgerald.com
More informationThis policy sets out how Legacy Foresight and its Associates will seek to ensure compliance with the legislation.
Privacy Notice August 2018 Introduction The General Data Protection Regulation (GDPR) is European wide data protection legislation that requires organisations working with individuals based in the European
More informationCCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: Safeguarding Policy Data Protection Policy
CCTV Policy Policy reviewed by Academy Transformation Trust on June 2018 This policy links to: Located: Safeguarding Policy Data Protection Policy Review Date May 2019 Our Mission To provide the very best
More informationCCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: T:Drive. Safeguarding Policy Data Protection Policy
CCTV Policy Policy reviewed by Academy Transformation Trust on June 2018 This policy links to: Safeguarding Policy Data Protection Policy Located: T:Drive Review Date May 2019 Our Mission To provide the
More informationEXIN Privacy and Data Protection Foundation. Preparation Guide. Edition
EXIN Privacy and Data Protection Foundation Preparation Guide Edition 201701 Content 1. Overview 3 2. Exam requirements 5 3. List of Basic Concepts 9 4. Literature 15 2 1. Overview EXIN Privacy and Data
More informationGDPR Awareness. Kevin Styles. Certified Information Privacy Professional - Europe Member of International Association of Privacy professionals
GDPR Awareness Kevin Styles Certified Information Privacy Professional - Europe Member of International Association of Privacy professionals Introduction Privacy and data protection are fundamental rights
More informationPrivacy Impact Assessment on use of CCTV
Appendix 2 Privacy Impact Assessment on use of CCTV CCTV is currently in the majority of the Council s leisure facilities, however this needs to be extended to areas not currently covered by CCTV. Background
More informationPrivacy Policy SOP-031
SOP-031 Version: 2.0 Effective Date: 18-Nov-2013 Table of Contents 1. DOCUMENT HISTORY...3 2. APPROVAL STATEMENT...3 3. PURPOSE...4 4. SCOPE...4 5. ABBREVIATIONS...5 6. PROCEDURES...5 6.1 COLLECTION OF
More informationMunkaanyag
TECHNICAL SPECIFICATION SPÉCIFICATION TECHNIQUE TECHNISCHE SPEZIFIKATION CEN/TS 16555-4 December 2014 ICS 03.100.40; 03.100.50; 03.140 English Version Innovation management - Part 4: Intellectual property
More informationGeneral Questionnaire
General Questionnaire CIVIL LAW RULES ON ROBOTICS Disclaimer This document is a working document of the Committee on Legal Affairs of the European Parliament for consultation and does not prejudge any
More informationFirst Components Ltd, Savigny Oddie Ltd, & Datum Engineering Ltd. is pleased to provide the following
Privacy Notice Introduction This document refers to personal data, which is defined as information concerning any living person (a natural person who hereafter will be called the Data Subject) that is
More informationREPORT FROM THE COMMISSION. of TO THE ECONOMIC AND FINANCIAL COMMITTEE
EUROPEAN COMMISSION Brussels, 14.10.2015 C(2015) 6960 final REPORT FROM THE COMMISSION of 14.10.2015 TO THE ECONOMIC AND FINANCIAL COMMITTEE under Article 12(4) of Regulation (EU) No 1210/2010 of the European
More informationProtection of Privacy Policy
Protection of Privacy Policy Policy No. CIMS 006 Version No. 1.0 City Clerk's Office An Information Management Policy Subject: Protection of Privacy Policy Keywords: Information management, privacy, breach,
More informationPublic Consultation: Science 2.0 : science in transition
DIRECTORATES-GENERAL FOR RESEARCH AND INNOVATION (RTD) AND COMMUNICATIONS NETWORKS, CONTENT AND TECHNOLOGY (CONNECT) Public Consultation: Science 2.0 : science in transition QUESTIONNAIRE A. Information
More informationTrade Barriers EU-Russia based in technical regulations
Trade Barriers EU-Russia based in technical regulations Introduction Russia is a large market that offers business opportunities for companies like yours. However, accessing this market can be somehow
More informationGuidelines for the Stage of Implementation - Self-Assessment Activity
GUIDELINES FOR PRIVACY AND INFORMATION MANAGEMENT (PIM) PROGRAM SELF-ASSESSMENT ACTIVITY Guidelines for the Stage of Implementation - Self-Assessment Activity PURPOSE This tool is for the use of school
More information2018/2019 HCT Transition Period OFFICIAL COMPETITION RULES
2018/2019 HCT Transition Period OFFICIAL COMPETITION RULES 1. INTRODUCTION These HCT Transition Period Official Competition Rules ( Official Rules ) govern how players earn Hearthstone Competitive Points
More informationShadowverse World Circuit: DreamHack Tours Rules
Shadowverse World Circuit: DreamHack Tours Rules Presented and hosted by DreamHack The DreamHack administration team holds the right to alter rules at any time, to ensure fair play. Introduction The following
More informationJoint Convention on the Safety of Spent Fuel Management and on the Safety of Radioactive Waste Management
JC/RM3/02/Rev2 Joint Convention on the Safety of Spent Fuel Management and on the Safety of Radioactive Waste Management Third Review Meeting of the Contracting Parties 11 to 20 May 2009, Vienna, Austria
More informationWalkie Talkie APMP300. User manual
Walkie Talkie User manual Table of contents 1. Safety 1 1.1 Intended use 3 1. Labels in this manual 3. Preparations for use.1 Unpacking 4. Package contents 5.3 Charge the battery.4 Insert batteries 3.
More informationEU Ecolabel EMAS Environmental Technology Verification (ETV) State-of-play and evaluations
EU Ecolabel EMAS Environmental Technology Verification (ETV) State-of-play and evaluations Pierre Henry DG Environment B1 3 instruments of Circular Economy action plan Improving the efficiency and uptake
More informationRobert Bond Partner, Commercial/IP/IT
Using Privacy Impact Assessments Effectively robert.bond@bristows.com Robert Bond Partner, Commercial/IP/IT BA (Hons) Law, Wolverhampton University Qualified as a Solicitor 1979 Qualified as a Notary Public
More informationEconomic and Social Council
United Nations Economic and Social Council ECE/CES/GE.41/2013/3 Distr.: General 15 August 2013 Original: English Economic Commission for Europe Conference of European Statisticians Group of Experts on
More informationImplementing the International Safety Framework for Space Nuclear Power Sources at ESA Options and Open Questions
Implementing the International Safety Framework for Space Nuclear Power Sources at ESA Options and Open Questions Leopold Summerer, Ulrike Bohlmann European Space Agency European Space Agency (ESA) International
More informationPhotography and Videos at School Policy
Photography and Videos at School Policy Last updated: 25 May 2018 Contents: Statement of intent 1. Legal framework 2. Definitions 3. Roles and responsibilities 4. Parental consent 5. General procedures
More informationOcean Energy Europe Privacy Policy
Ocean Energy Europe Privacy Policy 1. General 1.1 This is the privacy policy of Ocean Energy Europe AISBL, a non-profit association with registered offices in Belgium at 1040 Brussels, Rue d Arlon 63,
More informationOBN BioTuesday: Sources of Public Non-Dilutable Funding & Export Support to UK R&D Companies
OBN BioTuesday: Sources of Public Non-Dilutable Funding & Export Support to UK R&D Companies SME Instrument and Eurostars Jane Watkins National Contact Point Horizon 2020 SME Instrument and Eurostars Jane
More information2018 / Photography & Video Bell Lane Primary School & Children s Centre
2018 / 2019 Photography & Video Use @ Bell Lane Primary School & Children s Centre Bell Lane Primary School & Children s Centre Responsible: Headteacher & Governing Body Last reviewed: Summer 2018 Review
More informationEuropean Union General Data Protection Regulation Effects on Research
European Union General Data Protection Regulation Effects on Research Mark Barnes Partner, Ropes & Gray LLP Co-Director, Multi-Regional Clinical Trials Center of Brigham and Women s Hospital and Harvard
More informationEnglish version. Audio, video and similar electronic apparatus - Safety requirements
EUROPEAN STANDARD EN 60065/A12 NORME EUROPÉENNE EUROPÄISCHE NORM February 2011 ICS 97.020 English version Audio, video and similar electronic apparatus - Safety requirements Appareils audio, vidéo et appareils
More informationARTICLE 29 Data Protection Working Party
ARTICLE 29 Data Protection Working Party Brussels, 10 April 2017 Hans Graux Project editor of the draft Code of Conduct on privacy for mobile health applications By e-mail: hans.graux@timelex.eu Dear Mr
More informationIAB Europe Guidance THE DEFINITION OF PERSONAL DATA. IAB Europe GDPR Implementation Working Group WHITE PAPER
IAB Europe Guidance WHITE PAPER THE DEFINITION OF PERSONAL DATA Five Practical Steps to help companies comply with the E-Privacy Working Directive Paper 02/2017 IAB Europe GDPR Implementation Working Group
More informationPre-Commercial Procurement (PCP) Actions
Pre-Commercial Procurement (PCP) Actions Open call in Objective 11.1 Targeted Calls in objectives 5.1(d), 11.2, 11.3, 8.2, 5.1(e)(1), 2.2(b) lieve.bos@ec.europa.eu EU Commission, DG INFSO Lisbon policy
More informationhttps://www.icann.org/en/system/files/files/interim-models-gdpr-compliance-12jan18-en.pdf 2
ARTICLE 29 Data Protection Working Party Brussels, 11 April 2018 Mr Göran Marby President and CEO of the Board of Directors Internet Corporation for Assigned Names and Numbers (ICANN) 12025 Waterfront
More informationTHE UNIVERSITY OF AUCKLAND INTELLECTUAL PROPERTY CREATED BY STAFF AND STUDENTS POLICY Organisation & Governance
THE UNIVERSITY OF AUCKLAND INTELLECTUAL PROPERTY CREATED BY STAFF AND STUDENTS POLICY Organisation & Governance 1. INTRODUCTION AND OBJECTIVES 1.1 This policy seeks to establish a framework for managing
More informationFiscal 2007 Environmental Technology Verification Pilot Program Implementation Guidelines
Fifth Edition Fiscal 2007 Environmental Technology Verification Pilot Program Implementation Guidelines April 2007 Ministry of the Environment, Japan First Edition: June 2003 Second Edition: May 2004 Third
More informationH2020 Excellent science arie Skłodowska-Curie Actions. Your research career in Europe. 17 November 2015
H2020 Excellent science arie Skłodowska-Curie Actions Your research career in Europe 17 November 2015 As a researcher I want to undertake a project in Europe, in an academic or other (e.g. business) setting
More information1 SERVICE DESCRIPTION
DNV GL management system ICP Product Certification ICP 4-6-3-5-CR Document number: ICP 4-6-3-5-CR Valid for: All in DNV GL Revision: 2 Date: 2017-05-05 Resp. unit/author: Torgny Segerstedt Reviewed by:
More informationDiana Gordick, Ph.D. 150 E Ponce de Leon, Suite 350 Decatur, GA Health Insurance Portability and Accountability Act (HIPAA)
Diana Gordick, Ph.D. 150 E Ponce de Leon, Suite 350 Decatur, GA 30030 Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES I. COMMITMENT TO YOUR PRIVACY: DIANA GORDICK,
More informationThe EU's new data protection regime Key implications for marketers and adtech service providers Nick Johnson and Stephen Groom 11 February 2016
The EU's new data protection regime Key implications for marketers and adtech service providers Nick Johnson and Stephen Groom 11 February 2016 General Data Protection Regulation ("GDPR") timeline 24.10.95
More informationHot rolled square steel bars for general purposes Dimensions and tolerances on shape and dimensions
BRITISH STANDARD BS EN 10059:2003 Hot rolled square steel bars for general purposes Dimensions and tolerances on shape and dimensions The European Standard EN 10059:2003 has the status of a British Standard
More informationEnglish Version. Conservation of cultural property - Main general terms and definitions concerning conservation of cultural property
EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM ICS 01.040.97; 97.195 English Version DRAFT pren 15898 January 2009 Conservation of cultural property - Main general terms and definitions concerning
More informationEmployees, contractors and other personnel of KKR should note that a separate privacy notice will be made available to them.
Version 18 May 2018 PRIVACY NOTICE FOR EU RESIDENTS KKR respects your privacy and is committed to protecting your personal information. This privacy notice will inform you as to how we look after your
More informationPhotography policy. Policy history
Reference: Date Approved: April 2017 Approving Body: Director of External Affairs on behalf of Directors Team Implementation Date: April 2017 Version: 1.0 Supersedes: Stakeholder groups consulted: Target
More informationPRIVACY IMPACT ASSESSMENT
PRIVACY IMPACT ASSESSMENT PRIVACY IMPACT ASSESSMENT The template below is designed to assist you in carrying out a privacy impact assessment (PIA). Privacy Impact Assessment screening questions These questions
More informationThe General Data Protection Regulation
The General Data Protection Regulation Advice to Justice and Home Affairs Ministers Executive Summary Market, opinion and social research is an essential tool for evidence based decision making and policy.
More informationChem & Bio non-proliferation
Chem & Bio non-proliferation Workshop on the Export Control of Dual-use Materials and Technologies in GUAM Countries Kyiv, Ukraine, 14 March 2018 Independent Arms Control Consultant Circe poisoning the
More informationMunkaanyag
TECHNICAL SPECIFICATION SPÉCIFICATION TECHNIQUE TECHNISCHE SPEZIFIKATION CEN/TS 16555-6 December 2014 ICS 03.100.40; 03.100.50 English Version Innovation management - Part 6: Creativity management Management
More informationCalifornia State University, Northridge Policy Statement on Inventions and Patents
Approved by Research and Grants Committee April 20, 2001 Recommended for Adoption by Faculty Senate Executive Committee May 17, 2001 Revised to incorporate friendly amendments from Faculty Senate, September
More informationPersonal Data Protection Competency Framework for School Students. Intended to help Educators
Conférence INTERNATIONAL internationale CONFERENCE des OF PRIVACY commissaires AND DATA à la protection PROTECTION des données COMMISSIONERS et à la vie privée Personal Data Protection Competency Framework
More informationMinistry of Justice: Call for Evidence on EU Data Protection Proposals
Ministry of Justice: Call for Evidence on EU Data Protection Proposals Response by the Wellcome Trust KEY POINTS It is essential that Article 83 and associated derogations are maintained as the Regulation
More informationProvision of IET Business Cards and Addresses to Volunteers Policy
Addresses to Volunteers Policy The Institution of Engineering and Technology Michael Faraday House Six Hills Way Stevenage SG1 2AY Addresses to Volunteers Policy 1. Why we have this Policy 1.1. Volunteers
More informationBARRIE PUBLIC LIBRARY COLLECTION DEVELOPMENT POLICY MOTION #16-34 Revised June 23, 2016
TABLE OF CONTENTS 1. PURPOSE OF THE POLICY... 2 2. RESPONSIBILITIES... 2 3. GENERAL PRINCIPLES OF SELECTION... 2 4. SPECIAL COLLECTIONS... 6 5. DONATIONS OF MATERIALS... 7 6. COLLECTION MAINTENANCE...
More informationILNAS-EN 14136: /2004
05/2004 National Foreword This European Standard EN 14136:2004 was adopted as Luxembourgish Standard in May 2004. Every interested party, which is member of an organization based in Luxembourg, can participate
More informationDNVGL-CG-0214 Edition September 2016
CLASS GUIDELINE DNVGL-CG-0214 Edition September 2016 The content of this service document is the subject of intellectual property rights reserved by ("DNV GL"). The user accepts that it is prohibited by
More informationISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Privacy framework
INTERNATIONAL STANDARD ISO/IEC 29100 First edition 2011-12-15 Information technology Security techniques Privacy framework Technologies de l'information Techniques de sécurité Cadre privé Reference number
More informationEnglish Version EUROPEAN COMMITTEE FOR STANDARDIZATION COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM EN 10226-2 August 2005 ICS 21.040.30 English Version Pipe threads where pressure tight joints are made on the threads - Part 2: Taper external threads
More informationBiometric Data, Deidentification. E. Kindt Cost1206 Training school 2017
Biometric Data, Deidentification and the GDPR E. Kindt Cost1206 Training school 2017 Overview Introduction 1. Definition of biometric data 2. Biometric data as a new category of sensitive data 3. De-identification
More informationI hope you will find these comments constructive and helpful.
Delayed Office Opening for Employee Training This office will be closed from 8.45am - 11.00am on the first Thursday of each month. Services for Children, Young People & Families Head of Service: Jacquie
More informationCorporate Services. Yes. Chief Executive Officer. Head of Legal and Compliance. Policy and Compliance Officer
Privacy Policy Category/Business Group Published Externally (Yes/No) Approver Responsible Officer Contact Officer Corporate Services Yes Chief Executive Officer Head of Legal and Compliance Policy and
More informationMISSISSAUGA LIBRARY COLLECTION POLICY (Revised June 10, 2015, Approved by the Board June 17, 2015)
MISSISSAUGA LIBRARY COLLECTION POLICY (Revised June 10, 2015, Approved by the Board June 17, 2015) PURPOSE To provide library customers and staff with a statement of philosophy and the key objectives respecting
More informationICO submission to the inquiry of the House of Lords Select Committee on Communications - The Internet : To Regulate or not to Regulate?
Information Commissioner s Office ICO submission to the inquiry of the House of Lords Select Committee on Communications - The Internet : To Regulate or not to Regulate? 16 May 2018 V. 1.0 Final 1 Contents
More informationThis document is a preview generated by EVS
CEN WORKSHOP AGREEMENT CWA 17327 September 2018 ICS 03.080.30; 03.200.01 English version Hotel General Manager - Knowledge, skills and competence requirements This CEN Workshop Agreement has been drafted
More informationWalkie Talkie APMP500. User manual
Walkie Talkie APMP500 User manual 1. Table of contents SAFETY 1.1 Intended use 1. Labels in this manual 1.3 General safety instructions 5. Preparations for use 5.1 Unpacking 5. Package contents.3 Place
More informationFINAL DRAFT TECHNICAL REPORT CLC/FprTR RAPPORT TECHNIQUE TECHNISCHER BERICHT January English version
FINAL DRAFT TECHNICAL REPORT CLC/FprTR 50579 RAPPORT TECHNIQUE TECHNISCHER BERICHT January 2012 ICS English version Electricity metering equipment - Severity levels, immunity requirements and test methods
More informationNational Census Geography Some lessons learned and future challenges in European countries
UNSD-AITRS Regional Workshop on the Integration of Statistical and Geospatial Information Amman, Jordan, 16-20 February, 2015 National Census Geography Some lessons learned and future challenges in European
More informationConsultation on Long Term sustainability of Research Infrastructures
Consultation on Long Term sustainability of Research Infrastructures Fields marked with are mandatory. 1. Introduction The political guidelines[1] of the European Commission present an ambitious agenda
More informationRef: Overview of the implementation of the TRIPS Agreement (patents) in the EPC contracting states and observer countries
CA/PL 3/97 * Orig.: English ** Munich, 08.04.1997 SUBJECT: DRAWN UP BY: ADDRESSEES: Implementation of the TRIPS Agreement European Patent Office Committee on Patent Law (for information) Ref: Overview
More informationMuseum & Archives Access Policy
Museum & Archives Access Policy The access policy sets out how we will make the museum and archives collections accessible to a wide audience. Policy owner Executive Director of Communications & Engagement
More informationECONOMIC PARTNERSHIP AGREEMENT BETWEEN THE CARIFORUM STATES, OF THE ONE PART, AND THE EUROPEAN COMMUNITY AND ITS MEMBER STATES, OF THE OTHER PART
ECONOMIC PARTNERSHIP AGREEMENT BETWEEN THE CARIFORUM STATES, OF THE ONE PART, AND THE EUROPEAN COMMUNITY AND ITS MEMBER STATES, OF THE OTHER PART Objectives Article 1 The objectives of this Agreement are:
More informationTHE DIGITALISATION CHALLENGES IN LITHUANIAN ENGINEERING INDUSTRY. Darius Lasionis LINPRA Director November 30, 2018 Latvia
THE DIGITALISATION CHALLENGES IN LITHUANIAN ENGINEERING INDUSTRY Darius Lasionis LINPRA Director November 30, 2018 Latvia THE ENGINEERING INDUSTRIES ASSOCIATION OF LITHUANIA (LINPRA) is an independent
More informationStriving for Excellence. Ark Oval Primary Academy
Striving for Excellence Ark Oval Primary Academy DIGITAL STILLS AND VIDEO IMAGES POLICY 2015 0 Policy for Photographs and Photography Introduction Photography in schools is subject to the Data Protection
More informationJustice Select Committee: Inquiry on EU Data Protection Framework Proposals
Justice Select Committee: Inquiry on EU Data Protection Framework Proposals Response by the Wellcome Trust KEY POINTS The Government must make the protection of research one of their priorities in negotiations
More informationThis document is a preview generated by EVS
TECHNICAL SPECIFICATION SPÉCIFICATION TECHNIQUE TECHNISCHE SPEZIFIKATION CEN ISO/TS 16530-2 December 2015 ICS 75.180.10 English Version integrity - Part 2: integrity for the operational phase (ISO/TS 16530-2:2014)
More informationData Protection and Information Security. Photography and Filming - Guidelines for the use of Personal Data
Data Protection and Information Security Photography and Filming - Guidelines for the use of Personal Data Page 1 of 7 Created on: 05/06/2013 Contents 1. Introduction... 3 2. Definitions... 3 3. Consent...
More informationUse of Camera and Mobile Policy. Use of Camera and Mobile Phone Policy
Use of Camera and Mobile Phone Policy Policy Owner Designated Safeguarding Lead Formally endorsed by Council of Trustees Endorsement Date May 2018 Next Review Date May 2019 This Policy applies to all Staff,
More informationOctober 20 th 2017, Webinar Beatrice Barresi, Rita Rinaldo ESA UNCLASSIFIED - For Official Use
October 20 th 2017, Webinar Beatrice Barresi, Rita Rinaldo Beatrice.Barresi@esa.int Rita.Rinaldo@esa.int AGENDA 11:30-11:50 Welcome by ESA Introduction to the Kick-start Activity What ESA offers Kick-start
More informationUW REGULATION Patents and Copyrights
UW REGULATION 3-641 Patents and Copyrights I. GENERAL INFORMATION The Vice President for Research and Economic Development is the University of Wyoming officer responsible for articulating policy and procedures
More informationVital Records Data Practices Manual
Vital Records Data Practices Manual FOR COUNTY VITAL RECORDS OFFICES Revised November 2016 OFFICE OF VITAL RECORDS Contents Vital Records Data Practices Manual... 0 Section I: Government Records... 2 Life
More informationJune 2014 For any information or queries relating to fundraising for headspace, please contact:
Fundraising Guidelines QLD June 2014 For any information or queries relating to fundraising for headspace, please contact: headspace Terms and Conditions for Conducting a Fundraising Event in Queensland
More informationNAME UNITE MEMBERSHIP NO. EMPLOYER PLATFORM CONTACT NUMBER WHAT CONTRACTUAL CHANGES HAVE BEEN IMPOSED? DATE CHANGES TOOK EFFECT?
Dear member Following Unite s recent consultative ballot and further talks with the OCA, Unite has made it clear to the employers that as a result of their attacks on our members it cannot be business
More informationHSBC Recruitment. Your candidate guide post offer. What happens next? PUBLIC
HSBC Recruitment Your candidate guide post offer What happens next? Information to help you Introduction your contract, flexible benefits and screening Welcome! Congratulations on your success with joining
More informationINTERNATIONAL CIVIL AVIATION ORGANIZATION
EUR DOC 024 Attachment INTERNATIONAL CIVIL AVIATION ORGANIZATION EUROPEAN PRINCIPLES AND PROCEDURES FOR THE ALLOCATION OF SECONDARY SURVEILLANCE RADAR MODE S INTERROGATOR CODES (IC) 2011 ATTACHMENT MODE
More informationTowards a New IP Consciousness in Universities and R&D Institutions: Case Show
IP Policy for Universities and Research and Development Institutions Tallinn, Estonia April 3, 2014 Towards a New IP Consciousness in Universities and R&D Institutions: Case Show Laurent Manderieux L.
More informationBritish Columbia s Environmental Assessment Process
British Columbia s Environmental Assessment Process Seminar #2 Guide for Aboriginal Groups and the General Public on the BC Environmental Assessment Process February 23, 2016 Paul Craven About the BC Environmental
More informationJob opportunities for scientists and engineers
Job opportunities for scientists and engineers José Santacroce, director Christophe Quesson, examiner Noelia González Carballo, examiner Santiago, 29 & Vigo, 30 September 2014 Part I : About us Presentation
More informationPatented Medicine Prices Review Board P M P R B GUIDELINES REFORM. 15 th Annual Market Access Summit. Douglas Clark Executive Director PMPRB
Patented Medicine Prices Review Board P M P R B GUIDELINES REFORM Douglas Clark Executive Director PMPRB 15 th Annual Market Access Summit Background Canada enacted a two-fold reform of its drug patent
More informationCommunicating Framework Programme 7. European Commission Research DG Pablo AMOR
Communicating Framework Programme 7 European Commission Research DG Pablo AMOR Launching FP7 Conference for Information Multipliers Brussels, 7-8 February 2007 Information on European research Web Press
More informationHong Kong Personal Data Protection Regulatory Framework From Compliance to Accountability
Legal Week s Corporate Counsel Forum 2016 Renaissance Harbour View Hotel 23 June 2016 Hong Kong Personal Data Protection Regulatory Framework From Compliance to Accountability Stephen Kai-yi Wong Privacy
More informationENGINEERING DRAWINGS MANAGEMENT POLICY (IFC/AS BUILTS)
Approval Amendment Record Approval Date Version Description 15/10/2015 1 This policy takes precedence over L1-NAM-PRO-003 Infrastructure As Built Drawing Management due to business restructures. New Content
More informationEN Official Journal of the European Communities
25.6.2001 EN Official Journal of the European Communities L 170/91 Regulation No 38 of the Economic Commission for Europe of the United Nations (UN/ECE) uniform provisions concerning the approval of rear
More informationGeneral Licence No. GL - 22/R/2003
Prague, May 20 th, 2003 Ref. No. 16 584/03-613 The Czech Telecommunication Office (hereinafter only "the Office ) as the competent body of State administration issues, pursuant to 95, Item 3, Letter d)
More informationICC Rev May 2008 Original: English. Agreement. International Coffee Council 100th Session May 2008 London, England
ICC 100-6 Rev. 1 International Coffee Organization Organización Internacional del Café Organização Internacional do Café Organisation Internationale du Café 19 May 2008 Original: English Agreement E International
More informationDetails of the Proposal
Details of the Proposal Draft Model to Address the GDPR submitted by Coalition for Online Accountability This document addresses how the proposed model submitted by the Coalition for Online Accountability
More informationThis document is a preview generated by EVS
CEN WORKSHOP CWA 16336 September 2011 AGREEMENT ICS 59.060.10 English version Superfine woven wool fabric labelling - Requirements for Super S code definition This CEN Workshop Agreement has been drafted
More informationUK Research and Innovation Conflicts of Interest Policy
UK Research and Innovation Conflicts of Interest Policy Contents: Policy Statement 1. Introduction and Purpose. 2. Principles 3. Policy Review. 4. Definitions 5. Examples of Conflicts of Interest 6. Policy
More informationSubmission to the Governance and Administration Committee on the Births, Deaths, Marriages, and Relationships Bill
National Office Level 4 Central House 26 Brandon Street PO Box 25-498 Wellington 6146 (04)473 76 23 office@ncwnz.org.nz www.ncwnz.org.nz 2 March 2018 S18.05 Introduction Submission to the Governance and
More informationSPONSORSHIP AND DONATION ACCEPTANCE POLICY
THE NATIONAL GALLERY SPONSORSHIP AND DONATION ACCEPTANCE POLICY Owner: Head of Development Approved by the National Gallery Board of Trustees on: September 2018 Date of next review by Board: September
More informationthe Reinsurance Mechanism
The European Unemployment Insurance 2.0: the Reinsurance Mechanism Miroslav Beblavý (with Daniel Gros and Ilaria Maselli) CEPS Why Reinsurance? Appropriateness of the solution always depends on problem
More informationThis document is a preview generated by EVS
EESTI STANDARD EVS-EN 13186:2005 Feather and down - Specification for feather and down filled bedding articles Feather and down - Specification for feather and down filled bedding articles EESTI STANDARDIKESKUS
More information