Print

Print

Hi All,

 

Just a bit of a query. When you have a data processing contract in place with an organisation who is dealing with your personal information on your behalf, as well as identifying explicitly what the organisation can and cannot do with the information and what security measures they need to have in place; does anyone include (or think that you should include) a clause, that if the Data Processor has a security breach that they are responsible for (as it goes against the instructions in the agreement), that the Data Processor are then liable for the fine (if applicable) from the ICO? Because I know it is the Data Controller who is held responsible by the ICO not the Data Processor, but what happens if you have done everything in your power i.e. put the clauses in place and you audit them?

 

So I guess my query is, do people think that you need to/can you include a clause like this or would the ICO in this instance not hold you responsible?

 

Thanks for your help in advance.

 

Kind Regards,

 

April Murphy

Information Governance Support Officer

 

Tel:  0151 443 4660

Knowsley Council êComputer Centre êWestmorland  Road êHuyton êL36 9GL

 

P Save a tree . . . please do not print this e-mail unless you really need to.

 

 
This e-mail and any attachments are confidential.  It may contain privileged information and is intended for the named recipient(s) only.  It must not be distributed without consent.  If you are not one of the intended recipients, please notify the sender immediately and do not disclose, distribute, or retain this email or any part of it and do not take any action based on it.
 
Unless expressly stated, opinions in this email are those of the individual sender, and not of Knowsley MBC.  Legally binding obligations can only be created for, or be entered into on behalf of, Knowsley MBC by duly authorised officers or representatives.

Knowsley MBC excludes any liability whatsoever for any offence caused, any direct or consequential loss arising from the use, or reliance on, this e-mail or its contents.  We believe but do not warrant that this e-mail and any attachments are virus free.  You must therefore take full responsibility for virus checking and no responsibility is accepted for loss or damage arising from viruses or changes made to this message after it was sent.  Knowsley MBC reserves the right to monitor and/or record all e-mail communications through its network in accordance with relevant legislation.
 
 

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)