+ Post New Thread
Results 1 to 6 of 6
General Chat Thread, Data Protection Act Principles... Practical Examples/Breaches? in General; Hi All, I'm putting together some training on the Data Protection Act. I would like to provide some practical examples ...
  1. #1
    Gongalong's Avatar
    Join Date
    Oct 2011
    Location
    United Kingdom
    Posts
    975
    Thank Post
    905
    Thanked 21 Times in 19 Posts
    Rep Power
    11

    Question Data Protection Act Principles... Practical Examples/Breaches?

    Hi All,

    I'm putting together some training on the Data Protection Act.

    I would like to provide some practical examples of Do's and Don'ts alongside the no-doubt-yawn-inducing 8 principles. Some principles are much easier than others and/or my creativity is drying up, because I'm stuck for providing examples for 1, 3, 4, 5 and 6. Can anyone think of something(s)?

    Also, does anyone know of any ICO breaches in relation to schools which were specifically in relation to a principle? Again, I was thinking this would focus people's minds if they could see where other schools had failed.

    Any assistance much appreciated.

    TIA

  2. #2

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614
    Where to start ...

    I am presently writing a report on this, and I was thinking about including a list of schools who have signed undertakings. This might be a tad harsh on those schools though, especially if they have changed where they went wrong. You would have to go through each undertaking which has been signed by a school and analyse exactly what went wrong. This can be gathered from the ICO, of course, by requesting the information via a FoI request ;-)

    A good place to start on the training is the previously issued guidance from Becta ... still available via the National Archive site. (The last cut is available at [ARCHIVED CONTENT] Becta Schools - Leadership and management - Data management - Data handling security guidance for schools)

    The ICO has also recently released a very good report aimed at schools which might also answer most of your needs. ICO news release: Report offers school data protection advice

    I hope this gives you a good start.

  3. Thanks to GrumbleDook from:

    Gongalong (21st November 2012)

  4. #3
    Gongalong's Avatar
    Join Date
    Oct 2011
    Location
    United Kingdom
    Posts
    975
    Thank Post
    905
    Thanked 21 Times in 19 Posts
    Rep Power
    11
    Thanks for the reply. Ah yes, I have the Schools report (very useful!).

    I was thinking that real world examples would (a) be more interesting than the rather dry repetition of the principles and (b) hopefully drive home in some staff at least that these things really happen ("would you like your school to have this headline, which people will forever find with Google?"). This was in addition to some general do's and don'ts, which is the other part I'm struggling. Perhaps sifting through the real world examples will liberate some more general advice for each principle. Googling "ico breach school" brings up a fair few to start with.

  5. #4


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,715
    Thank Post
    288
    Thanked 789 Times in 616 Posts
    Rep Power
    226
    Quote Originally Posted by Gongalong View Post
    Thanks for the reply. Ah yes, I have the Schools report (very useful!).

    I was thinking that real world examples would (a) be more interesting than the rather dry repetition of the principles and (b) hopefully drive home in some staff at least that these things really happen ("would you like your school to have this headline, which people will forever find with Google?"). This was in addition to some general do's and don'ts, which is the other part I'm struggling. Perhaps sifting through the real world examples will liberate some more general advice for each principle. Googling "ico breach school" brings up a fair few to start with.
    I just tend to screenshot the more idiotic school/local gov breaches when they pop up in the news and store them in my "useful images for docs" folder. Search El Reg / BBC for "breach" or whatever, follow the link to ICO / local paper website and screenshot.
    Last edited by pete; 21st November 2012 at 10:55 AM.

  6. Thanks to pete from:

    Gongalong (21st November 2012)

  7. #5

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614
    Quote Originally Posted by Gongalong View Post
    Thanks for the reply. Ah yes, I have the Schools report (very useful!).

    I was thinking that real world examples would (a) be more interesting than the rather dry repetition of the principles and (b) hopefully drive home in some staff at least that these things really happen ("would you like your school to have this headline, which people will forever find with Google?"). This was in addition to some general do's and don'ts, which is the other part I'm struggling. Perhaps sifting through the real world examples will liberate some more general advice for each principle. Googling "ico breach school" brings up a fair few to start with.
    I'll have to check whether I can release the info I hold (which I gained from the ICO) as I have to abide by DP / FoI with my info too ... it might be quicker to ask ICO directly.

  8. Thanks to GrumbleDook from:

    Gongalong (21st November 2012)

  9. #6
    Gongalong's Avatar
    Join Date
    Oct 2011
    Location
    United Kingdom
    Posts
    975
    Thank Post
    905
    Thanked 21 Times in 19 Posts
    Rep Power
    11
    Pete: yes, screenshots of newspaper headlines was exactly what I was thinking of. I had only got as far as ICO press releases, which didn't quite have the impact, but it was a start at least.

    GrumbleDook: understood.



SHARE:
+ Post New Thread

Similar Threads

  1. Complience with the Data Protection Act on admin networks.
    By Dos_Box in forum School ICT Policies
    Replies: 9
    Last Post: 27th November 2007, 09:29 AM
  2. Changes to data protection act
    By sjplot in forum Network and Classroom Management
    Replies: 18
    Last Post: 5th October 2007, 12:19 PM
  3. Folder access - Data Protection Act - How do you do it?
    By Paid_Peanuts in forum How do you do....it?
    Replies: 7
    Last Post: 29th August 2007, 12:39 PM
  4. Data Protection Act And Root/Administrators Passwords.
    By tickmike in forum General Chat
    Replies: 4
    Last Post: 11th September 2006, 04:35 PM
  5. Data Protection Act - re: Remote Access
    By mark in forum School ICT Policies
    Replies: 18
    Last Post: 26th September 2005, 08:19 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •