Data protection impact assessment report template



607695-2894965March 201800March 2018598170-3237865Information Assurance and Risk00Information Assurance and Risk533400-7393305Data Protection Impact Assessment– template for report 0Data Protection Impact Assessment– template for report Data Protection Impact Assessment (DPIA) – Homelessness and Housing Options data collectionsIntroductionThe purpose of this document is to report on and assess against any potential Data Protection or Privacy Impacts as a result of the collection and analysis of Homeless application data (HL1), Temporary Accommodation placements (HL3) and Housing Options data (PREVENT1). Document metadataName of Project: Homelessness and Housing Options data collectionsAuthor of report: Susan Carsley, Homelessness Statistics and Analysis, Communities Analytical DivisionDate of report: 1 April 2019Name of Information Asset Owner (IAO) of relevant business unit: Audrey MacDougall, Deputy Director: Communities Analysis Division and Chief Social ResearcherDate for review of DPIA: Review dateDetails of updateCompletion dateApproval DateDescription of the projectDescription of the work:Data on homeless applications (HL1), Housing Options applications (PREVENT1) and Temporary Accommodation placements (HL3) are collected on a quarterly basis from all Local Authorities. This data is then processed by the Homeless Statistics and Analysis Team and bi-annual homelessness publications and an annual Housing Options publication produced. As well as producing official statistics publications which are used by a range of users, the data is also used to inform policy, monitor performance/changes over time and assess inequalities amongst the population. This data is particularly important as the Scottish Government are planning several changes to homelessness legislation in the future which will need careful monitoring to understand impact and inform any subsequent modifications required.Personal data to be processed. VariableTypeData SourceNational Insurance Numbers (NINOs)PersonalHL1 and PREVENT1Collected by Local Authorities as part of the Homelessness Application or Housing Options approachEthnicityDates of BirthMental healthVulnerabilitiesDisabilitiesSpecial categoryHL1 and PREVENT1Collected by Local Authorities as part of the Homelessness Application or Housing Options approachPostcodesPersonalHL1 and PREVENT1Collected by Local Authorities as part of the Homelessness Application or Housing Options approachDescribe how this data will be processed:Homelessness, Temporary Accommodation placements and Housing Options data are submitted on a quarterly basis by all 32 Local Authorities. The purpose of the research is to inform policy on homelessness, monitor changes over time and inform the public of the state of homelessness in Scotland. HL1 & HL3 collection & processingHomelessness application (HL1) and Temporary Accommodation placement (HL3) data is submitted in csv format via government secure email to the homeless statistics inbox. Access to this inbox is restricted to the Homelessness Statistics and Analysis Team. The data is then saved in a secure area, before being uploaded and quality assured in SAS. Any open cases are updated (where necessary) and new cases added to the dataset. A number of checks are performed on the data to ensure accuracy. These include validating the data against 170 separate tests to ensure the data supplied is of sufficient quality to load onto the live dataset. The validations are contained within the system output specifications available at: HL1 Data SpecificationHL3 Data SpecificationIf a case fails any of these checks it is returned to the local authority to rectify the error, before being submitted again. To ensure the live dataset is as robust as possible we also perform checks against data for previous years, raising queries with local authority staff as required. Once all cases have passed the error checks and are uploaded to the live dataset, a quarterly report for each Local Authority is produced and provided to said Local Authority. They are each asked to check the aggregate numbers in this report match the data held by their systems – this provides a final quality check of the data. PREVENT1 collection & processingHousing Options (PREVENT1) data is submitted in xml format via ProcXed. ProcXedProcxed is a secure data transfer, validation and reporting platform. It is owned and run by Scotxed (Scotxed is part of Education Analytical Services Division within the Learning and Justice Directorate of the Scottish Government), hosted on our own servers sited at, and maintained by, Pulsant (). Pulsant are a data processor, as such, the Scottish Government have a contract in place to comply with Article 28 GDPR. Pulsant themselves have no access to the applications which process the data, which is encrypted. However, their engineers do support the physical hardware and operating systems. Pulsant staff are all security checked. Procxed is a secure web based application requiring that data providers register with Scotxed for a secure login to access their collection. Key security features are :- - Each Organisation providing information must be known to Scotxed in advance of the collection. The Organisation will be associated with the appropriate data collection within Procxed and forms will only be available to the predefined Organisations. - Each Organisation will be asked to provide details for any Users that will be completing the return on their behalf. The Users will be provided with a login and password and be given permission to access that data collection. At each login attempt, Procxed will match the login credentials to the data collections and only allow access to the data collections that meet the criteria of Org, User and associated collections. This ensures that each data provider has access only to their own data and cannot see the data submitted by other organisations taking part in the same data collection exercise. On completing the return to the desired quality level, the data provider uses the Submit function to pass their data to Scotxed. Only then will the appropriate data collection administrator have access to the data. The platform has the ability to encrypt key identifiers such as CHI number to ensure confidentiality, and this happens prior to the data being passed through to ScotxedIn line with the data specification, a number of error checks are performed as part of the ProcXed upload process. Once the data has been submitted by a Local Authority, the Homelessness Statistics and Analysis Team can access this data via the ProcXed application and contact Local Authorities to ensure any remaining errors are rectified before the data is further processed. Once all Local Authorities have submitted their data the Homelessness Statistics and Analysis team request a cut of the data to be placed in a secure folder which is restricted to the Homelessness Statistics and Analysis team and IT colleagues. The data is then read into SAS and any current cases have their information updated (where necessary) and any new cases are added to the dataset. Once the dataset has been updated, quarterly reports for each Local Authority are created and provided to said Local Authority. They are each asked to check the aggregate numbers in this report match the data held by their systems – this provides a final quality check of the data. Data StorageAll datasets are held on the Scottish Government’s secure SAS servers. Individual level homelessness and housing options data are only accessible by a limited group of statisticians in the Scottish Government’s Homelessness Statistics and Analysis Team, along with the server administrator, who have all been trained in the safe handling of data. Access is controlled at two levels:1. At the operating system level, using Windows Access Control Lists (ACLs) to grant access to the members of approved Active Directory security groups.2. Within SAS metadata, using SAS Access Control Templates (ACTs) to grant access to the members of groups defined in the metadata.These servers are hosted in one of two data centres and can only be accessed from the internal Scottish Government network, known as SCOTS. The primary data centre is at Saughton House, a Scottish Government building in Edinburgh.The data is held on a storage area network (SAN) physically located in the primary data centre in Edinburgh. This data is also replicated to a SAN in the secondary data centre which is located in the Kaird, Hamilton, Scotland, and additionally backed up every weekend to separate storage in the primary data centre. The Information Asset Owner (IAO) for this data is Audrey MacDougall, Deputy Director: Communities Analysis Division and Chief Social Researcher, and Information & Technology Services (iTECS) fulfils the role of System Custodian.As System Custodian, iTECS operates and manages the data storage system to ensure it is protected, held securely and can only be accessed by users who have been approved by the IAO or Systems Owner, in this case, the Scottish Government’s Chief Statistician, Roger Halliday.Data Sharing Individual level data may be shared for research purposes. If researchers request data for research, the application will be examined by Communities Analytical Services, and potentially also the Scottish Government’s Data Access Panel which will determine if the research question is of public benefit, if the researchers have been adequately trained for handling sensitive data, and that adequate security is in place for handling the data. Researchers will not publish any information that identifies individuals. The Scottish Government will transfer the data securely to the researchers.Explain the legal basis for the sharing with internal or external partners:The data we collect from Local Authorities is used to monitor the operation of the homeless persons’ legislation in Scotland. This enables Scottish Ministers, other public bodies, relevant stakeholders and the general public to monitor the extent of homelessness in Scotland, and provides evidence to help with the development or refinement of policies, programmes and services designed to improve outcomes for the people of Scotland. Therefore, for the same reason the Scottish Government collects and analyses the data, the homelessness and housing options datasets may be shared in order to enable other organisations (public bodies, third sector organisations and academics) to undertake research which can provide evidence on homelessness in the broader public interest. Any onward sharing will be on a case by case basis and with a clearly identified legal gateway and data sharing agreement in place.GDPR Article 6(1)(e) provides a lawful basis for processing data where: “processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller”.GDPR Article 9(2)(g) provides a lawful basis for processing special category data where: “processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller”.In the view of the Scottish Government, there is a legitimate condition for processing as this data is needed to perform a task carried out in the public interest.In accordance with the safeguarding conditions in GDPR Article 89, we have put in place measures to ensure that we process only the personal data necessary for the research purposes, in accordance with the principle of data minimisation outlined in Article 5(c). An example of this is that we hash all NINOs at point of upload (as described in section 5.3), we also have strict access controls in place, to ensure that only members of the Homelessness Statistics and Analysis Team and select IT colleagues have access to the data. The data to be shared will not be processed to support measures or decisions with respect to particular individuals, it is being shared for the purpose of research and producing aggregate statistics. The data will not be processed in a way that substantial damage or distress is, or is likely to be, caused to any data subject and the results of any research or any resulting statistics are not made available in a form which identifies a data subject. As a result of these safeguarding conditions being met, the data to be shared is exempt from Principle 2 (incompatible with the purpose it was first collected), Principle 5 (retention of data) and Section 7 (data subject rights) of the Data Protection Act. The Scottish Government has the implied power to share this data which is necessary for the administration of the functions of government. Statistics and Registration Services Act 2007 The Scottish Government is a producer of Official Statistics and bound by the Statistics and Registration Services Act 2007, which establishes the Code of Practice (CoP) for Official Statistics (section 10). This requires us to: Meet user needs, as defined under principle 1 of the CoP, including: dissemination of official statistics to meet the requirements of informed decision making by government, public services, business, researchers and the public and to maximise public value. Make statistics available to all users, as in principle 8 of the CoP, including: make statistics available in as much detail as is reliable and practicable, subject to legal and confidentiality constraints and ensure that official statistics are disseminated in forms that enable and encourage analysis and reuse. By sharing our data with researchers (both internally and externally), we are meeting the requirements of informed decision making by government and researchers, maximising the public value of the statistics, and encouraging analysis and re-use. Article 5 (1)(b) of GDPR Article 5(1)(b) states that further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’). All onward sharing will be on a case by case basis and with a clearly identified legal gateway and data sharing agreement in place. We will only share the data with researchers if their research question is of public value, and they can demonstrate that they will handle the data securely. Stakeholder analysis and consultationList all the groups involved in the project, and state their interest. GroupInterestLocal AuthoritiesData Providers and users of statistics SG Communities Analytical DivisionData Controllers (once data submitted to SG)ProcXed IT SupportIT Providers (SG internal)PulsantData ProcessorSG IT SupportIT Providers (SG internal)SG Homelessness Policy TeamResponsible for developing and monitoring policies in relation to homelessnessMethod used to consult with these groups when making the DPIA.There are several relevant stakeholder groups in this project. These include the 32 local authorities across Scotland that process homelessness applications, policy teams within the Scottish Government and ministers such as the Minister for Local Government, Housing and Planning. Other stakeholders include the Scottish Housing Regulator, Scottish Prison Services and various charities and third sector organisations. The Homelessness Statistics User Group brings representatives from many stakeholder organisations together to advise on and help progress the collection and analysis of this data.Method used to communicate the outcomes of the DPIA .The creation of the DPIA will be highlighted with local authorities and other relevant stakeholders through email and discussion with the Homelessness Statistics User Group. We intend to publish the DPIA on the Homelessness Statistics area of the Scottish Government website, either in full or a summarised version. Involvement of multiple organisationsData is collected from all 32 local authorities, they all collect and submit data in line with the same data specification and using the same guidance. HL1 Data SpecificationPREVENT1 Data SpecificationHL3 Data SpecificationCode of Guidance on HomelessnessHousing Options GuidanceAnonymity and pseudonymityn/aTechnologyAll data is held electronically on restricted areas of the SG secure SAS server as previously described. This is part of the SCOT network which holds cyber essentials plus accreditation. ProcXed is used to collect PREVENT1 data as previously described. The use of any new or additional information technology will be assessed by the Information Asset Owner and reviewed by the Data Protection and Information Assets team. The Homelessness Statistics and Analysis team will only use technology cleared by Scottish Government experts.Identification methodsA unique reference number is assigned to each applicant by the local authority receiving their application. There are separate unique reference numbers for each dataset (HL1, HL3, PREVENT1). However, all HL3 placements will have an associated HL1 application, which can be linked using the HL1 application reference number (APPREF) which is collected in both datasets. Where a Housing Options approach has an associated HL1 application, these can also be linked as the HL1 application reference number (APPREF) is also collected in PREVENT1 (where applicable). A combination of the relevant unique reference number and the receiving local authority code is then used if required within the Scottish Government dataset. National Insurance Number (NINO) is also collected, but is hashed at point of data upload and NINO then deleted. This means that is can be used to link between HL1 and PREVENT1 datasets (as same hashing algorithm is used) but cannot be linked to any other data without knowing the hashing algorithm. Sensitive/Special Category personal dataSpecial category data collected through HL1 and PREVENT1 include:EthnicityPhysical and mental healthDrug / alcohol dependencyThe data also includes reason for homelessness, of which two of the responses are ‘Dispute within household: violent or abusive’ and ‘Fleeing non-domestic violence’. Respondents are free to refuse to answer the ethnicity question. Disclosure Control is applied to all publications and analysis, so that no individual respondents are identifiable in any results. Changes to data handling proceduresWe are currently considering changing the method of data submission for HL1. The method we are considering changing to is that used for the PREVENT1 data collection (ProcXed). This would ensure a more efficient and secure data submission. Any notable changes to data handling procedures will be assessed from a data protection/privacy perspective and the DPIA will be updated accordingly. Additionally, the DPIA will be reviewed at least annually to consider whether any updates are required.Statutory exemptions/protectionThe Data Protection Act 2018 provides some exemptions for the purposes of research and statistics. It notes that: The listed GDPR provisions do not apply to personal data processed for (a) scientific or historical research purposes, or (b) statistical purposes, to the extent that the application of those provisions would prevent or seriously impair the achievement of the purposes in question. The listed GDPR provisions are the following provisions of the GDPR (the rights in which may be derogated from by virtue of Article 89(2) of the GDPR)—(a) Article 15(1) to (3) (confirmation of processing, access to data and safeguards for third country transfers);(b) Article 16 (right to rectification);(c) Article 18(1) (restriction of processing);(d)Article 21(1) (objections to processing).The exemption is available only where(a) the personal data is processed in accordance with Article 89(1) of the GDPR (as supplemented by section 19), and (b) as regards the disapplication of Article 15(1) to (3), the results of the research or any resulting statistics are not made available in a form which identifies a data subject.JustificationThe data we collect from Local Authorities is used to monitor the operation of the homeless persons’ legislation in Scotland. This includes information requirements for temporary accommodation and to help plan the need for settled accommodation. It provides reliable evidence to the government and others on the extent of homelessness in Scotland, as well as the need and use of temporary accommodation, the outcomes of those assessed as homeless and activities undertaken to prevent homelessness occurring. By collecting individual level data, rather than aggregated results from local authorities, we are able to produce more in-depth cross-sectional analysis across a wide range of characteristics and experiences, that simply would not be possible with aggregate data collections. This enables a much greater statistical and analytical value from the data and allows us to consider the impact of any policy changes on subgroups of those making homeless applications. By collecting individual level data it also means that we have the potential to link individual records (anonymously and under strict secure conditions) to other data sources. This allows us to bring new insights into homelessness, such as the recent Health & Homelessness Research study, which would not be possible with aggregated data. This information is used to inform policy, monitor performance/changes over time and assess inequalities amongst the population. This data is particularly important as the Scottish Government are planning several changes to homelessness legislation in the future which will need careful monitoring to understand impact and inform any subsequent modifications required. An additional benefit of collecting individual level data is that we can produce more robust and high quality statistics and analysis. As we are able to identify any anomalies at an individual level, it makes it much easier for local authorities to verify (and if required correct) these, therefore improving the quality of the data. The HL1, HL3 and PREVENT1 datasets are therefore collected and processed to undertake tasks in the public interest. Steps are taken to minimise the risks to privacy associated with processing.4.12Other risksThe lack of data sharing agreements between local authorities and the Scottish Government. At present Data Sharing Agreements do not exist, the lack of a formal agreement introduces a risk that there is miscommunication over the correct handling of the data. This will be mitigated by putting Data Sharing Agreements in place. The DSA will document the collaborative understanding of the processes in place to submit and process the data and the legal basis for this. General Data Protection Regulation (GDPR) PrinciplesPrincipleCompliant – Yes/NoDescription of how you have complied5.1 Principle 1 – fair and lawful, and meeting the conditions for processingYesProcessed FairlyWe recommend that local authorities add the following text to any declarations regarding our data collections:The Council will use the information and share it with other agencies, including the Scottish Government, for research and analysis; to monitor this service; and provide better services;Our reasons that it would involve disproportionate effort to provide fair processing informationThe case level information we hold does not contain the names or addresses of the individuals contained within each dataset. In order to contact individuals in our datasets, we would need to contact local authorities and ask them to write out on our behalf to each applicant, informing them of the fair processing information. Applicants may have moved, particularly homeless households, so it may no longer be possible to contact them. As a result it is our view that it would involve a disproportionate effort for Scottish Government to provide fair processing information. Even though Scottish Government do not provide information to data subjects directly, data subjects are informed about Scottish Government’s use of data via the local authority declaration.Processed LawfullyWe process data under section 199 of the Local Government (Scotland) Act 1973 which states:Every local authority and every joint committee or joint board shall, within such period as the appropriate Minister may require, make to that Minister such reports and returns and give him such information with respect to their functions as the Minister may require, or as may be required by either House of Parliament.We process data under GDPR Article 6(1)(e) which provides a lawful basis for processing where:processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;We process special category data under GDPR Article 9(2)(g) which provides a lawful basis for processing where:processing is necessary for reasons of substantial public interest, on the basis of Union or Member State law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject;5.2 Principle 2 – purpose limitationThe data we collect is used to monitor the operation of the homeless persons’ legislation in Scotland. This includes information requirements for temporary accommodation and to help plan the need for settled accommodation.Data about ethnicity or vulnerabilities of homeless applicants enables us to monitor the impact of homelessness on these groups, and for use in equality impact assessments where new programs are being developed.National Insurance Numbers are collected to enable us to understand how individuals might require repeated housing support over longer periods of time. 5.3 Principle 3 – adequacy, relevance and data minimisationWe collect only the minimum data required to achieve the purpose of the research, namely, producing official statistics publications, informing policy, monitoring performance/changes over time and assessing inequalities amongst the population.?National Insurance Number (NINO) gives us a unique identifier for each person over 16. These are then hashed at the point of data upload (more detail below). We use (hashed) NINOs to:Match anonymously individual’s across datasets so we can identify if a person in PREVENT1 goes on to become homeless. In this way we do not need to rely on manual links made by local authorities.Calculate levels of repeat homelessness, where local authorities do not enter data manually.Identify duplicate records in datasets. Repair datasets when local authorities switch to a different IT provider.Hashing of National Insurance NumbersNational Insurance numbers are hashed on validation using a standard hashing algorithm with a defined key known only by a small number of named individuals with specific responsibility for the dataset. In this way, no NI numbers are stored – they are replaced with a 40 character string of numbers and letters. This will allow links to be made across the datasets whilst preserving the anonymity of individuals. For example, using the default key (and not the key used), hashing will turn AB123456C into 8ee890f6d27197fff7e84647ce06290699d09812.We collect information on protected characteristics (ethnicity, date of birth, mental health, vulnerabilities and disabilities) in order to fulfil our duties under The Equality Act 2010 (Specific Duties) (Scotland) Regulations 2012.We collect information on postcodes in order to map our data to different geographies. This includes using SIMD and urban rural classifications. 5.4 Principle 4 – accurate, kept up to date, deletionTo ensure the accuracy of our case level data we quality assure our data to ensure it is fit for publication. This is in line with the Code of Practice for Official Statistics.Our quality assurance processes including:Validating the data at upload to ensure that fields have been completed in line with the data specificationComparisons with historical data or other data sourcesContacting local authorities to query unusual dataWe maintain master datasets for all case level datasets (HL1, HL3 and PREVENT1). Whenever new information is processed, this automatically updates information previously held by us.5.5 Principle 5 – kept for no longer than necessary, anonymizationUnder the research exemption (Schedule 2 Part 6 of the Data Protection Act 2018), it is lawful for us to hold our data indefinitely. We need to keep data indefinitely in order to maintain historical time series and to maintain the integrity of the dataset.For example, on occasions, local authorities change their IT suppliers and this can lead to changes in application references (the way cases are numbered). By keeping older cases, we are able to identify duplicate cases and repair any errors in the dataset.5.6 GDPR Articles 12-22 – data subject rightsWe undertake to process personal data in accordance with the rights of data subjects under the Data Protection Act 2018. We are exempt from the requirement to respond to subject access requests because of the research exemption in GDPR Article 89.5.7 Principle 6 - securityAppropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.At the point that the data submission is accepted by the Scottish Government, the data is transferred to the Scottish Government network and is subject to corporate arrangements for backup and security (as described in section 3.3).Where the reports are for statistical publications which may be accessed publicly, no data or analyses will ever be published from the dataset which could potentially identify individuals. Disclosure control is applied to all tables in these cases.5.8 GDPR Article 44 - Personal data shall not be transferred to a country or territory outside the European Economic Area.An international research institution may make a request for a research dataset. This would be considered under the same stringent release criteria as UK researchers. Personal data that identifies individuals is never released as all data is disclosure-controlled.Risks identified and appropriate solutions or mitigation actions proposedIs the risk eliminated, reduced or accepted?Risk RefSolution or mitigationResultA data breach when data is transferred from local authorities to the Scottish Government resulting in the release of personal data1Mitigating against the risk of a breach by using a secure system for the transfer of data from partners to the Scottish Government, and from Scottish Government to partners. Staff are provided with relevant data protection training to properly handle data and reduce the risk of a data breach.Produce Data Sharing Agreements with Local Authorities to ensure that both SG and Local authorities are aware of and in agreement of their responsibilities. ReduceData is published which allows identification of an individual2All published data will follow statistical disclosure guidance to ensure that no individual person can be identified in any analysis.EliminateData is shared with other researchers who publish data allowing identification of an individual3If there are any applications to link this data then this will be done under the Data Linkage Framework for Scotland. There are six Guiding Principles which should be considered before undertaking a data linkage project. These can be viewed in detail at: .uk/GuidingPrinciplesforDataLinkage. In summary, the Guiding Principles are:1. Public Interest 2. Governance and Public Transparency 3. Privacy 4. Access and Personnel 5. Clinical Trials 6. SanctionsNational Services Scotland, National Records of Scotland and NHS Central Register have data linkage services which are modelled on international data linking best practice. A key aspect of both data linkage services are the separation of personal data to the attribute data.Key features of using National Services Scotland, National Records of Scotland and NHS Central Register data linkage services include:The linking of data is for statistical / research analysis only. Researchers must apply to the ‘Statistics Public Benefit and Privacy Panel’ or the ‘Public Benefit and Privacy Panel for Health and Social Care’ (depending on which datasets are being linked) to gain access to the linked survey data.Data will be transmitted and stored in line with Cabinet Office data security requirements. Data sharing agreements will be put in place between the data controller (Scottish Government) and the organisation responsible for delivering the data linkage service. Linked data for analysis is accessed through a secure safe haven (or from Scottish Government servers) (unless the linked dataset has had Statistical Disclosure Control applied to create an anonymised dataset (i.e. where the risk of identifying a survey respondent is extremely unlikely)). Access to data for analysis is only given to accredited analysts for example, they have completed data protection training if they are an academic/NHS Scotland, or they are employed by the Scottish Government. All analytical outputs are checked to ensure they comply with confidentiality requirements, for example by applying Statistical Disclosure Control: The aim of disclosure control is to ensure that any statistical analyses will not reveal the identity of an individual or any private information relating to them.EliminateIncorporating Privacy Risks into planning Explain how the risks and solutions or mitigation actions will be incorporated into the project/business plan, and how they will be monitored. There must be a named official responsible for addressing and monitoring each risk.Risk RefHow risk will be incorporated into planningOwnerA data breach when data is transferred from local authorities to the Scottish Government resulting in the release of personal data1Data Sharing Agreements for all 32 local authorities are going to be drafted. These will document the agreed procedures for transferring data and what to do in the event of a breach.Susan CarsleyData is published which allows identification of an individual2Quality assurance checking is built into the publication timetable and all Adhoc requests have numbers rounded to the nearest 5. We will also be improving our SAS (analysis program) code to round figures rather than doing it in excel.Susan CarsleyData is shared with other researchers who publish data allowing identification of an individual3We will adhere to the Data Linkage Framework for Scotland if sharing data. Researchers will either be provided with an anonymised dataset or will only be able to do their analysis in a safe haven and their outputs will be disclosure checked before they are released to the researcher. Susan CarsleyData Protection Officer (DPO)The DPO may give additional advice, please indicate how this has been actioned. Advice from DPOActionAuthorisation and publicationThe DPIA report should be signed by your Information Asset Owner (IAO). The IAO will be the Deputy Director or Head of Division.Before signing the DPIA report, an IAO should ensure that she/he is satisfied that the impact assessment is robust, has addressed all the relevant issues and that appropriate actions have been taken. By signing the DPIA report, the IAO is confirming that the impact of applying the policy has been sufficiently assessed against the individuals’ right to privacy.The results of the impact assessment must be published in the eRDM with the phrase “DPIA report” and the name of the project or initiative in the title.Details of any relevant information asset must be added to the Information Asset Register, with a note that a DPIA has been conducted.I confirm that the impact of undertaking the data collections and analysis has been sufficiently assessed against the needs of the privacy duty:Name and job title of a IAO or equivalentAudrey MacDougallDeputy Director: Communities Analytical Division30480022923500Date each version authorised07/05/19 (version 1) ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download