Definitions
DPIA Data Protection Impact Assessment
UK GDPR UK General Data Protection Regulations
ICO Information Commissioners Office
DPO Data Protection Officer
Glossary
Anonymisation
Anonymisation is the process of rendering data into a form which does not identify individuals, and where identification is not likely to take place. By definition, anonymised data do not relate to a particular individual any more than they relate to anyone else in the underlying population.
Biometric data
‘Biometric data’ means personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic (finger print) data;
Business sensitive data
“Business sensitive” relates to information and documentation which is created, that requires confidentiality due to the legal, ethical or commercial content. Information that, if disclosed, could prejudice, or cause reputational or financial damage to an organisation.
Consent
‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
Cyber Essentials
A government accredited set of basic technical controls to help organisations protect themselves against common online security threats. The scheme enables organisations to gain one or two Cyber Essential badges and is suitable for organisations of any size, in any sector https://www.cyberessentials.ncsc.gov.uk/
Data portability
‘The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability’.
Genetic data
‘Genetic data’ means personal data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question;
ISO 27001
ISO 27001 is the international standard that provides specification for best-practice information security management systems (ISMS). It provides a certificated accreditation and is supported by a code of practice for information security management.
Lawful basis for processing
The lawful bases for processing are set out in Article 6 of the General Data Protection Regulations. At least one of the lawful basis for processing must apply whenever you process personal data. (see appendix B for a full list).
Personal data
“Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Pseudonymisation
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Special categories of data
Special categories of data are considered as more sensitive data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.
