Agrees and reviews protocols governing the disclosure of personal information across organisational boundaries, e.g. with social services and other partner organisations contributing to the local provision of care.
SFIA Skills: Personal data protection (PEDP)
Incident response (PEDP) (Level 6)
Raises concerns about any inappropriate uses made of patient / service user information with the DPO where necessary.
Improvement plans (PEDP) (Level 6)
Agrees and presents annual outcome reports relating to issues of confidentiality and information sharing. Advises on annual improvement plans relating to issues of confidentiality and information protection.
Control and owners (PEDP) (Level 6)
Maintains an overview of the organisation’s information assets, identifies the information asset owners and implements internal audits including controls on storing, security, maintaining records of processing activities, data protection impact assessments, transfers, contracts and handling access to personal data.
Incident Response (Level 6)(IG)
Cooperates with the supervisory authority. Acts as the contact point for the supervisory authority on issues relating to processing, including the prior consultation referred to in Article 36. Consults, where appropriate, with regard to any other matter. Advises the organisation on risk mitigations and required actions.
Restricted Transfers (IG)(Level 4)
Advises on restricted transfers including any additional safeguards and ensures copies of safeguards are available to persons whose data is to be or has been transferred overseas.
Incident response (PEDP) (Level 6) (IG)
Assesses and manages the risk for any potential personal data breaches and cyber incidents. Sets in motion the agreed procedures to identify breach, including with third parties, works within statutory timeline, mitigates risk, and maintains communications with Data Protection Officer (DPO), or equivalent when not required, to comply with statutory notification to the regulatory authority (Commissioner) if breach confirmed.