Best Practice Update

Checklists in navy text by Data Protection Education. Data Protection Services badge.  The DPE Knowledge Bank on a laptop screen

Product Focus on Checklists : Redaction

All of our customers have access to the DPE Knowledge Bank which has a Best Practice Checklist area.  Each checklist is designed to help you walk through all aspects of data protection.
The checklist will give you an insight about where your organisation is with data protection from a data privacy and technical security perspective. The checklists form part of the Best Practice library which includes contextualised guidance, documents and resources on specific areas of data processing.  The checklists form part of the ICO Accountability Framework which helps organisations with their governance and corporate risk management where it relates to data protection.    The checklists cover all aspects of the framework, enabling you to assess against organisation baselines:

  1. Leadership & Oversight
  2. Risk Management (DPIA's)
  3. Policies & Procedures
  4. Individual Rights
  5. Contracts & Data Sharing
  6. Transparency
  7. Training & Awareness
  8. Records Management
  9. Monitoring Verification & Reporting (Data Breaches, SARs and FOI's)
  10. Response & Enforcement (SARs and FOI's)

Redaction

The  Redaction Checklist guidelines about redaction, primarily for use in Subject Access Requests..  It links in with the Redaction Best Practice Area which gives help and guidance for reference when removing content from data provided under a request for information such as a Subject Access Request (SAR).  There are template policies, procedures and response letters.  Our customers also have access to a free redaction tool which is designed to work with pdf documents of up to 25 pages: Document Redaction Tool.  If you are struggling with redacting a large Subject Access Request we can provide a redaction service for a small charge, please contact us at: This email address is being protected from spambots. You need JavaScript enabled to view it.

Answer a sample Redaction checklist question:

Are redaction guidelines followed when responding to subject access requests?

Invalid Input


Amazing, you have ticked off an important item on the Redaction checklist:

For further help and guidance and access to the full checklist, please contact This email address is being protected from spambots. You need JavaScript enabled to view it..




Anyone undertaking redaction for a subject access request should understand what personal data needs to be redacted.  Having redaction guidelines and a subject access request procedure can help a subject access response run smoothly.

Clipart cartoon with headphones on Please contact us for more help and advice about data protection compliance: This email address is being protected from spambots. You need JavaScript enabled to view it. including the full checklist and best practice.

Our customers have access to a free redaction tool, or it's a service we can provide.

 


Try asking the data protection  lead, or SLT digital lead in your organisation or contact your DPO.  How does your organisation implement redaction for subject access requests, is it using a tool the ensures there is a way to permanently remove the information required?

We can provide help and guidance with data protection compliance, cyber security standards and records management: This email address is being protected from spambots. You need JavaScript enabled to view it. including the full checklist and best practice.




DPE customers can get started on completing the Redaction checklist here:

Search