Your Responsibilities as an Employee
      Back to home
      1. Knowledge Base
      2. Your Responsibilities as an Employee

      An overview of your responsibilities

      Data protection – What do I do & when?  

       

      New data processing

      What is is?

      Know and update what personal data we process (hold somewhere, use etc)

      When do you need to do something?

      When you spot that data we hold has been made available in a place/to people not in line with our recorded processing e.g. You have accidentally emailed personal data to the wrong person or; An attacker has gained access to data in our database

      What do you need to do? 

      Let data champions know if you are changing or starting any new data processing and receive guidance

      Asset/Supplier management

      What is is?
      Review all current and new 3rd parties we work with to make sure we know which of “our” data they hold and that they do it correctly

      When do you need to do something?

      When you spot that any individual requests something about their data (ask what we hold, ask to delete, ask to amend etc) e.g. User emails asking data to be deleted or; A job candidate asks what we hold for them

      What do you need to do? 

      1. BEFORE using new software/supplier let Data champion know and get approval 
      2. Complete a supplier security review form

      Data Subject Rights requests

      What is is?
      Let people whose data we hold access/update/delete it

      When do you need to do something?

      When you spot that we are going to be processing data in a different way (new data, no longer using certain data, holding it in a different way etc) e.g. You have thought of a new purpose for using our data or; We start holding Fans’ salary range

      What do you need to do? 

      Act QUICKLY and make the data champions know straight away, passing on details of the request (clock is ticking)

      Breach & Incident procedure

      What is is?
      Report/deal with where any data may have ‘got out’ where is shouldn’t (a breach)

      When do you need to do something?

      Whenever you want to use a new 3rd party where they may need to hold some of “our” data e.g. You want to start using a new piece of software or supplier or;You are migrating data from one system to another’

      What do you need to do? 

      Act QUICKLY and make the data champions know straight away (clock is ticking)