Organisational Measures. 30.1 The Company shall ensure that the following measures are taken with respect to the collection, holding, and processing of Personal Data:
Organisational Measures. Data Processor shall ensure that the following measures are taken with respect to the collection, holding and processing of personal data: A designated officer (“the Designated Officer”) within Data Processor shall be appointed with the specific responsibility of overseeing data protection and ensuring compliance with Data Protection Legislation. All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor are made fully aware of both their individual responsibilities and Data Processor’s responsibilities under Data Protection Legislation and shall be furnished with a copy of this Policy. All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data will be appropriately trained to do so. All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data will be appropriately supervised. Methods of collecting, holding and processing personal data shall be regularly evaluated and reviewed. The Performance of those employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data shall be regularly evaluated and reviewed. All employees, contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data will be bound to do so in accordance with the principles of Data Protection Legislation and this Policy by contract. Failure by any employee to comply with the principles or this Policy shall constitute a disciplinary offence. Failure by any contractor, agent, consultant, partner or other party to comply with the principles or this Policy shall constitute a breach of contract. In all cases, failure to comply with the principles or this Policy may also constitute a criminal offence under Data Protection Legislation. All contractors, agents, consultants, partners or other parties working on behalf of Data Processor handling personal data must ensure that any and all of their employees who are involved in the processing of personal data are held to the same conditions as those relevant employees of Data Processor arising out of this Policy and Data Protection Legislation. Where any contractor, agent, consultant, partner or other party working on behalf of Data Processor handling personal data fails in their obligations under this Policy that part...
Organisational Measures. The Data Processor has in place the following policies: • Data Protection Policy • Personal data breach Policy • IT Communications and Systems Policy • Data Security Policy • Business Continuity Policy
Organisational Measures. Unifrog will require the Schools to implement the following organisational measures to complement the technical and contractual measures set out above, in order to ensure an essentially equivalent level of protection of the personal data to that guaranteed within the UK: the adoption of internal policies with clear allocation of responsibilities for data transfers, and standard operating procedures for cases of official requests from public authorities to access the data. specific training procedures for School personnel in charge of managing requests for access to personal data from public authorities. the documentation and recordal of requests for access received from public authorities provided, alongside the reasoning and the actors involved (e.g. whether Unifrog has been notified and its reply, the School’s assessment of such requests, etc). To the extent permitted by law, these records shall be made available to Unifrog, who should in turn provide them to the data subjects concerned where required. the adoption of data access and confidentiality policies and best practices, including emphasising the need to keep passwords confidential, and deterring teachers and other school staff from downloading personal data from the Unifrog Platform. the regular review of internal policies to assess the suitability of the measures referred to above and implement additional or alternative solutions when necessary, to ensure that an equivalent level of protection to that guaranteed within the UK of the personal data transferred is maintained.
Organisational Measures. Do you have a privacy notice? Please provide its location/a copy. Do you have information management policies/guidance in place (e.g. Data Protection policy, Staff Screening, Security Incident Management)? Please list the policies/guidance below: Do you provide training for staff processing data (e.g. Data Protection/Information Management training)? Please provide details. Any data breaches in relation to this contract must be reported to the SCC Authorised Representative (to be agreed upon award of contract) and the CYP Business & Information Team xxx.xxxxxxxxxxxxxx@xxxxxxx.xxx.xx within 48 hours of their discovery. What categories of personal data will the contractor process? Childs full name Childs DOB Childs address Childs contact details UPN Number The education setting Parent / Carer details Full name(s) of all persons with legal parental responsibility / carers (with addresses if different) and relationship to the child Health information Details of child’s profile of need Details from child’s EHCP Child protection concerns and/or relevant family background information Childs race and ethnicity Religion Child in care status Which categories of data subjects (individuals) will be processed by the contractor? Students Who should the contractor contact in the event of any security incidents/data breaches which occur whilst processing data under this contract? Any data breaches in relation to this contract must be reported to the Provider Services Team xxxxxxxxxxxxxxxxxxxxxxx@xxxxxxx.xxx.xx and the CYP Business & Information Team xxx.xxxxxxxxxxxxxx@xxxxxxx.xxx.xx within 48 hours of their discovery. What is the agreed time-frame for reporting the security incident/data breach to SCC? Within 48 hours of its discovery. If the contractor has appointed a Data Protection Officer record his/her name and contact details in this section. To be completed upon signing of Service Level Agreement. Retention period(s) for personal data during the contract term and process for destruction of data at end of retention period/s To be completed upon signing of Service Level Agreement. Which party is responsible for the end of contract data management (e.g., deletion or return of data to SCC)? To be complete upon signing of Service Level Agreement. Contractor’s sub-contractors (sub-processors) To be completed upon signing of Service Level Agreement. Schedule 4: SEND Outcomes The SEND Outcomes described below are a set of standards, that have been jointly agreed across Edu...
Organisational Measures. The parties to this agreement have set the following sick leave performance target:
Organisational Measures. 4.2.1 Time lost due to sickness and workplace accidents - 5 days per employee p.a.
Organisational Measures a. The Data Importer is responsible for ensuring that organisational and management structures are present to protect personal data, including ensuring that clear roles, responsibilities, reporting lines and sufficient staff are provided in order to protect personal data.
Organisational Measures. 6.14.6 Time lost due to sickness and workplace accidents - 5 days per employee a year.
Organisational Measures
