Check service folders for access
Are drawers/cabinet locked?
Check desks, drawers and cabinets for personal data.
Training - Have you received training in relation to Data Protection?
Was the training relevant to you and do you think anything was missing?
Do you feel confident about how data protection relates to you?
Do you have an understanding of good practices in relation to information security?
Do you know what is meant by the concept of “personal data” under the Data Protection laws?
Do you know what sensitive/special categories of data are and are you aware of handling this?
Do you understand what is meant by processing personal data?
Do you check to ensure the accuracy of the personal data being processed?
Are you aware of the data retention period and procedures in place at the site?
What would you do do if someone asks you for copies of all their personal data?
Who deals with Subject access and freedom of information requests?
Who deals with data management (data map, data protection policy and deletion of data)?
Who would you ask for access to your staff files?
What personal data do you process?
How do you process this personal data?
Who can access this personal data?
What can they access?
Check PC's for personal data on desktop/C drive/downloads/deleted items.
Does the service appear to follow the data map retention schedule?
Do you do remote/mobile working?
What are you aware abut securing data when mobile working e.g. being aware of surroundings when discussing personal information, not leaving on view in the car, Not storing passwords on paper, not alowing family members access to work equipment.