The Police Act 1997 remedial order 2018: privacy impact assessment

Privacy Impact Assessment for the Police Act 1997 and Protection of Vulnerable Groups (Scotland) Act 2007 Remedial Order 2018


Annex A - Privacy Impact Assessment - Mitigation Summary

Questions to identify Privacy Issues

Answer and Risk rating

Mitigation

1. Does the proposal include the use of new or additional technologies with the potential for privacy intrusion?

No – Low

2. Identity: Does the proposal include new identifiers, or substantially change or re-use existing identifiers or any intrusive or onerous identification, authentication or identity management processes?

No - Low

There is no change to the information collected.

3. Identity: Does the proposal affect anonymity or pseudonymity; will previously anonymous or pseudonymous transactions be identified?

No - Low

As above.

4. Is the justification for the proposal either unpublished or unclear?

No - Low

4. a) Does the proposal involve new or changed data collection policies or practices that may be unclear or intrusive?

No - Low

Existing data collection techniques have been tried and tested under the previous regime.

4. b) Does the proposal involve new or changed quality assurance or security processes or standards that may be unclear and/or unsatisfactory?

No - Low

Existing data collection techniques have been tried and tested under the previous regime.

4. c) Does the proposal involve new or changed data access or disclosure arrangements that may be unclear or permissive?

No - Low

Existing data collection techniques have been tried and tested under the previous regime.

4. d) Does the proposal involve new or changed data retention processes that may be unclear or extensive?

No - Low

As above.

4. e) Does the proposal involve a new or changed medium or method of disclosure for publicly available information so data is more readily accessible?

No - Low

As above.

5. Will the proposal involve multiple organisations, either government agencies ( e.g. 'joined-up government' initiatives) or the private sector?

Yes – Low

No change in the information exchange or the processes. Only change is the group of individuals able to apply to a Sheriff.

6. Does the proposal involve personal data of particular concern to individuals?

Yes – Medium - Low

Names, D.O.B, addresses, NI Number and conviction information.

The information is securely transmitted and held.

7. Does the proposal involve the linkage of personal data with data in other collections, or any significant change to existing data links or holdings?

No - Low

No

8. Will the proposal handle a significant amount of data about each person, or significantly change existing data-holdings?

No - Low

The process will not handle information other than what is required to process the appeals.

9. Will the proposal handle data about a significant number of people, or change significantly the existing population scope or coverage?

No - Low

No, the number of anticipated appeals is very low.

10. Does the proposal consolidate, inter-link, cross-reference or match personal data from multiple sources?

Yes – Low

Yes, matching will be done with information held on Police databases ( PNC & CHS). This process has not changed.

11. Is the proposal to process any data that is exempt from legislative privacy protections?

No - Low

We have no plans to process any data that may be exempt from legislative privacy protections.

12. Does the proposal's justification include significant contributions to public security measures?

No - Low

There should be no impact on public security measures as a result of these changes.

13. Does the proposal intend to disclose personal data to, or access by, third parties that are not subject to EU or comparable privacy regulation?

No - Low

We do not intend to disclose any data to anyone or anywhere that is not subject to EU or comparable privacy regulations.

Contact

Back to top