Teacher Mantra for GDPR

Posted on: 15 Jun 2018

is it LEGAL? is it LINKED? is it LOCKED? If in doubt: ASK or STOP is it LEGAL?

Do you need to gather, process, store, the information at all?
Is it key to your professional role?
Is it yours to process? Might #Consent be required? How sensitive is the data? What if you lost it?
Is there sufficient #Transparency in what you are doing?

enter image description here

is it LINKED?

Share Links to Data rather than the Data itself. Keep it in the Cloud. In an MIS. In a central repository. In a shared spreadsheet or document. Not as an attachment. Not on paper. Not in a local spreadsheet. Not on a local drive. Not on a memory stick.

enter image description here

is it LOCKED?

Lock documents. Lock data stores. Lock cabinets. Lock screens. Lock doors. Lock phones.

Change passwords regularly. Keys.

Consider DualFactor authentication. Biometrics.

Data should either be locked away or clearly published. Don’t destroy data if you have the master record unless this is your policy for that type of document.

enter image description here

See the full thread here.

About ISC Digital Strategy Group

The ISC Digital Strategy group is composed of experts with representatives drawn from the ISC member associations and provides independent advice to Senior Management teams on a range of ICT related issues.