Since the implementation of the Data Protection Act 2018, Guardian Saints has provided a Data Protection Officer as a service to many fostering agencies. We recently solicited opinion from independent fostering agencies (IFAs) to help shape a series of web-based seminars; ensuring we discuss the issues that have the most impact. Of course, these seminars are not just about looking at problems, our longer-term aim is delivering solutions whether by process, technology, or training. The ultimate aim is to establish a cross sector code of practice, ratified by the Information Commissioner's Office (ICO).
Aimed at senior management and data controllers but valuable to all staff, this online seminar looks at the common causes of breaches and the measures that can be taken to minimise the likelihood of data loss. Preparation through data breach planning can save precious hours in managing a breach. Breaches can occur as the result of:
- Process lapses in a provider’s environment
- Actions or inactions of third-party partners
Regardless, the data controller has the responsibility to act in the best interests of the affected Data Subjects, ensuring that appropriate remedial actions are taken to minimise the risk of reoccurrence. Based on ‘real life’ experiences, we will look at situations that have arisen in our work supporting fostering providers alongside how some well publicised breaches were managed. As reputations can be made or broken due to a breach, we will detail:
- The processes that must be undertaken should the event occur
- How to manage third parties
- The difference between assessing impacts and risks
- Highlight the value of examining breaches in the news and looking at ICO statistics
- When to report to the ICO
The outcomes of the Q&A session will feed into our planned workshop on managing data breaches, which will take a more depth to look at solutions to the challenges you tell us about.
Guardian Saints is a not for profit community interest company founded in 2014 by two parents and a foster carer all with successful careers in cyber security, data protection and compliance within the corporate sector