Data Subject: The individual to whom the personal data relates, Focuses on the rights and interests of individuals whose data is collected, stored and processed by organisations, Should be familiar with their rights under the Data Protection Act 2018 - right to access/correct/delete, Consider consent of giving personal data , Should report concerns about breaches or misuse to data controller or authorities, Data Controller: The organisation that determines the purposes and means of processing personal data, Hold the primary responsibility for ensuring compliance with laws, Determine and document reasons for collecting personal data , Ensuring the data is used lawfully, fairly and transparently, Implement and enforce robust data protection policies/practices, Obtain and manage valid consent from data subjects , Facilitate data subject rights such as access/ rectification/ erasure requests, Develop procedures for handling data breaches, such as notifying authorities, Check contracts comply with data protection laws, Data Processor: Individual/organisation that processes personal data, Follows data controllers instructions to protect personal data, Implement measures to protect against unauthorised access, alternation, loss, Help data controllers comply with responding the subject requests and managing data breaches, Has written agreements with data controllers about processing activities and protection measures, Notifies the data controller about any data breaches or compliance issues,

Data Protection Act - Roles

by
Print
Embed

Leaderboard

Visual style

Options

Switch template

Continue editing: ?