The Police Act 1997 remedial order 2018: privacy impact assessment
Privacy Impact Assessment for the Police Act 1997 and Protection of Vulnerable Groups (Scotland) Act 2007 Remedial Order 2018
Annex A - Privacy Impact Assessment - Mitigation Summary
Questions to identify Privacy Issues |
Answer and Risk rating |
Mitigation |
---|---|---|
1. Does the proposal include the use of new or additional technologies with the potential for privacy intrusion? |
No – Low |
|
2. Identity: Does the proposal include new identifiers, or substantially change or re-use existing identifiers or any intrusive or onerous identification, authentication or identity management processes? |
No - Low |
There is no change to the information collected. |
3. Identity: Does the proposal affect anonymity or pseudonymity; will previously anonymous or pseudonymous transactions be identified? |
No - Low |
As above. |
4. Is the justification for the proposal either unpublished or unclear? |
No - Low |
|
4. a) Does the proposal involve new or changed data collection policies or practices that may be unclear or intrusive? |
No - Low |
Existing data collection techniques have been tried and tested under the previous regime. |
4. b) Does the proposal involve new or changed quality assurance or security processes or standards that may be unclear and/or unsatisfactory? |
No - Low |
Existing data collection techniques have been tried and tested under the previous regime. |
4. c) Does the proposal involve new or changed data access or disclosure arrangements that may be unclear or permissive? |
No - Low |
Existing data collection techniques have been tried and tested under the previous regime. |
4. d) Does the proposal involve new or changed data retention processes that may be unclear or extensive? |
No - Low |
As above. |
4. e) Does the proposal involve a new or changed medium or method of disclosure for publicly available information so data is more readily accessible? |
No - Low |
As above. |
5. Will the proposal involve multiple organisations, either government agencies ( e.g. 'joined-up government' initiatives) or the private sector? |
Yes – Low |
No change in the information exchange or the processes. Only change is the group of individuals able to apply to a Sheriff. |
6. Does the proposal involve personal data of particular concern to individuals? |
Yes – Medium - Low |
Names, D.O.B, addresses, NI Number and conviction information. The information is securely transmitted and held. |
7. Does the proposal involve the linkage of personal data with data in other collections, or any significant change to existing data links or holdings? |
No - Low |
No |
8. Will the proposal handle a significant amount of data about each person, or significantly change existing data-holdings? |
No - Low |
The process will not handle information other than what is required to process the appeals. |
9. Will the proposal handle data about a significant number of people, or change significantly the existing population scope or coverage? |
No - Low |
No, the number of anticipated appeals is very low. |
10. Does the proposal consolidate, inter-link, cross-reference or match personal data from multiple sources? |
Yes – Low |
Yes, matching will be done with information held on Police databases ( PNC & CHS). This process has not changed. |
11. Is the proposal to process any data that is exempt from legislative privacy protections? |
No - Low |
We have no plans to process any data that may be exempt from legislative privacy protections. |
12. Does the proposal's justification include significant contributions to public security measures? |
No - Low |
There should be no impact on public security measures as a result of these changes. |
13. Does the proposal intend to disclose personal data to, or access by, third parties that are not subject to EU or comparable privacy regulation? |
No - Low |
We do not intend to disclose any data to anyone or anywhere that is not subject to EU or comparable privacy regulations. |
Contact
There is a problem
Thanks for your feedback