Inspection

Pre check area.

Check service folders for access

Are drawers/cabinet locked?

Check desks, drawers and cabinets for personal data.

Staff Awareness

Training - Have you received training in relation to Data Protection?

Was the training relevant to you and do you think anything was missing?

Do you feel confident about how data protection relates to you?

Do you have an understanding of good practices in relation to information security?

Do you know what is meant by the concept of “personal data” under the Data Protection laws?

Do you know what sensitive/special categories of data are and are you aware of handling this?

Do you understand what is meant by processing personal data?

Do you check to ensure the accuracy of the personal data being processed?

Are you aware of the data retention period and procedures in place at the site?

What would you do do if someone asks you for copies of all their personal data?

Who deals with Subject access and freedom of information requests?

Who deals with data management (data map, data protection policy and deletion of data)?

Who would you ask for access to your staff files?

Data Handling

What personal data do you process?

How do you process this personal data?

Who can access this personal data?

What can they access?

Records Management

Check PC's for personal data on desktop/C drive/downloads/deleted items.

Does the service appear to follow the data map retention schedule?

Do you do remote/mobile working?

What are you aware abut securing data when mobile working e.g. being aware of surroundings when discussing personal information, not leaving on view in the car, Not storing passwords on paper, not alowing family members access to work equipment.

Please note that this checklist is a hypothetical example and provides basic information only. It is not intended to take the place of, among other things, workplace, health and safety advice; medical advice, diagnosis, or treatment; or other applicable laws. You should also seek your own professional advice to determine if the use of such checklist is permissible in your workplace or jurisdiction.