PRSB - New Video

The Professional Record Standards Body has launched a brand new video

70 Years of IHRIM - Commemorative Scrapbook

Please click the following link to download

PDP - Compliance News Updates - 4 September 2018

Data protection is one of unresolved issues in Brexit
PDP header graphic
  Issue: 04.09.2018

Data protection is one of unresolved issues in Brexit
UK Brexit Secretary Dominic Raab has said he is "stubbornly optimistic" about securing a deal after his latest talks with Micheal Barnier in Brussels. It is understood that unresolved issues include data protection, intellectual property, the role of the European Court of Justice and the crucial issue of the Irish border. On the EU's side, Michel Barnier said he needed detail from the UK on its plan to avoid a hard border in Ireland - he told journalists that remaining "bones of contention" between the two sides were being steadily eliminated with particular progress on issues of security, judicial and defence co-operation. The UK is due to leave the EU on 29th March 2019.  

Apple to require all apps to have a privacy policy

Apple is cracking down on apps that don't communicate to users how their personal data are used, secured or shared. In an announcement posted to developers, Apple says that all apps, including those still in testing, will be required to have a privacy policy as of 3rd October 2018. Apple's new requirement provides the company with a layer of protection from falling afoul of the GDPR - any app that doesn't comply going forward may be held accountable by way of its own privacy policy.          

Campaigners call for immigration exemption in UK's Data Protection Act to be scrapped

Campaign groups have launched a legal challenge against an exemption in the UK's Data Protection Act that could prevent citizens from gaining access to immigration data held on them. The Open Rights Group and EU citizens' group, the 3million, have argued that, as it stands, many people would not be able to access data that the Home Office holds on them - information which is often crucial when applying for a new immigration status. The specific issue is with an exemption for immigration (schedule 2, part 1, paragraph 4), which removes some data rights if those data are processed for the "maintenance of effective immigration control". That includes the right to access data, to restrict processing, to object to processing and the right to erasure. As well as arguing that "immigration control" has been poorly defined in the Act, the groups have claimed that the exemption creates an imbalance in different groups' data rights. The judicial review seeks to have this exemption removed from the Act on the grounds that it is incompatible with the GDPR and the EU Charter of Fundamental Rights.              

Web browser will no longer allow third parties to track users' behaviour

Mozilla has announced that the latest version of its Firefox browser will no longer allow third parties to track users' online behaviour by default. In addition to giving users the ability to choose whether they can be tracked by third parties at the start, the tech company is also aiming to fight against "fingerprinting," which gives companies the ability to identify settings on devices without users' knowledge. "This is about more than protecting users - it's about giving them a voice. Some sites will continue to want user data in exchange for content, but now they will have to ask for it, a positive change for people who up until now had no idea of the value exchange they were asked to make," Mozilla stated in a blog post.       

Singapore Commission issues guidance on data protection law

The Personal Data Protection Commission in Singapore has issued advisory guidelines on the National Registration Identity Card following the close of a public consultation. According to the guidance, organisations can collect, use or disclose NRIC numbers or copies of the NRIC only under certain specific circumstances. One situation is if they are required by the law or it is deemed necessary to accurately verify an individual's identity to a "high degree of fidelity". Another situation is when failing to provide NRIC details could pose a significant safety or security risk, or may pose a risk of significant impact or harm to an individual and the organisation. Organisations should be able to justify why they are collecting NRIC numbers when asked by individuals or the regulator. "The NRIC number is a permanent and irreplaceable identifier which can be used to unlock large amounts of information relating to an individual," the PDPC reasoned.       
More in depth data protection news and articles... 

PDP Journals logo
Privacy & Data Protection journal
Privacy & Data Protection Journal 

Subscribe to two or more titles at the same time and receive a 15% discount off the cheapest journal.

17th Annual Data Protection Conference (GDPR)

17th Annual Conference

11th & 12th October 2018 - London, UK 
** London's leading two-day GDPR Conference **  

James Dipple Johnstone
How the ICO will exercise its New Powers
James Dipple-Johnstone  
Deputy Commissioner (Operations) 
Infomation Commissioner's Office (ICO)
  This year, the conference is dedicated to reviewing the practical implications of the GDPR, and to help organisations ensure they are compliant.
16th Annual Data Protection Compliance Conference

* Speaker Highlight * 

Estelle Dehon The New Transparency Obligations 
Estelle Dehon - Cornerstone Barristers
The GDPR mandates 'transparency' as a new requirement of data protection. But what exactly does it mean to be transparent, and what must organisations now do that they were not doing before? This talk provides a practical guide to transparency, and includes key takeaways from the Article 29 Working Party's recently updated guidance.

For more information and to book your place:

PDP Training logo

Our professional and practical Training Courses enable delegates to understand the legal requirements in key areas of information and data protection compliance. Courses run throughout the year around the United Kingdom.
Here is a selection of courses taking place shortly:
Nick Williams_ Leadership Coach
Nick Williams Leadership Coach
When implementing legal compliance measures, organisations can sometimes forget that the exercise is as much about working effectively with other people as it is about implementing a set of procedures. Investing in the leadership skills of those who will be implementing compliance measures can dramatically increase the effectiveness of programmes as well as the buy-in of key staff members.Having other staff members working with compliance personnel and supporting their goals is partly about promoting messages effectively throughout the organisation, partly about incubating champions in other departments and partly about inspiring others to see the benefit of making changes to the way that things have traditionally been done.This highly interactive session on leadership skills provides compliance professionals with the skills that they need to become more effective in carrying forward compliance objectives, including:
  • understanding the aspects of your messages that will engage and inspire others
  • learning how to effectively communicate goals, and to instil in others a desire to assist you on implementing them
  • developing, communicating and cascading knowledge of your compliance aspirations for the organisation
  • developing effective relationships with key staff members
  • influencing others with integrity
  • developing a rollout plan.
Upcoming date for this training course is:
  • London      Thursday, 4th October 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue
Keith Read, Compliance Expert
Keith Read
The UK Modern Slavery Act became law in March 2015 and has now become a very high profile issue for organisations, not least due to the recent £40M government boost to battle against modern slavery in the UK.The legislation includes several new obligations, including a requirement on organisations with a turnover of £36M or more to prepare an annual slavery and human trafficking statement. As part of their modern slavery strategy, organisations are likely to need to appoint someone senior to be responsible for compliance, as the Act has numerous repercussions and involves risk assessments, due diligence and the introduction of new policies and training practices. Modern slavery may be unfamiliar territory to many organisations.This one-day training course provides a thorough foundation in practical modern slavery, covering all the critical areas. MoreDelegates have the opportunity to work through a number of practical case examples and a major case study drawn from industry-specific scenarios, supported by relevant internationally-published Whitepapers produced by the course Trainer. The course is highly interactive, with plenty of opportunity for questions.  The next available date for this course is:
  • London     Thursday, 27th September 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 
Damien Welfare_ Cornerstonoe Barristers
Damien Welfare
Cornerstone Barristers
The Data Protection Act 2018 makes key changes to data protection law in the United Kingdom. It supplements the GDPR, and the two have to be read together to have a complete picture of the UK position. It adds to the "lawful bases" on which special category data may be processed, sets out the extensive exemptions to the GDPR which apply in the UK, defines the scope of much processing in the public sector, and applies rules based on those in the GDPR to processing for activities which fall outside EU competence. This course focuses on assisting those working in mainstream data protection compliance (in both the private and public sectors) to understand the DPA 2018's implications from a practical perspective, including:
  • modifications to key definitions contained in the GDPR, and their significance
  • the lawful bases  for processing special category personal data in the UK - when and how they will apply, and how controllers can take advantage of them
  • exemptions from the GDPR in the UK
  • the age of consent of children to processing for internet society services
  • how provisions based on the GDPR are applied by the Act to activities outside EU competence
  • the conditions for processing personal data on criminal matters
  • modifications to the rights of individuals
  • public interest processing - scope and applicability
  • restrictions on the applicability of certain aspects of the GDPR in the UK
  • enhanced powers of the Information Commissioner, including entry and inspection, and the new enforcement regime
It is recommended that delegates attending this session have at least a basic knowledge of current data protection legal requirements under the GDPR. Delegates with no existing knowledge may find it helpful to attend Data Protection Essential Knowledge Level 1 before attending this training course.The course is next taking place on the following dates (further dates are available online):
  • London           Monday, 1st October 2018
  • Manchester    Monday, 12th November 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

Final few places remaining for October 2018
PC.dp Residential Programme The residential option on the Practitioner Certificate in Data Protection Programme (GDPR) provides candidates with the opportunity to study the Programme intensively on four consecutive days (rather than five for the Standard Programme)

Find out more >

Practitioner Certificate in Data Protection - GDPR Conversion Programme
Upcoming intensive training weeks in Bristol, Edinburgh and Manchester 
Ensure you are have the knowledge to practically implement the GDPR in your organisation.  
The Practitioner Certificate in Data Protection is the practical qualification which can be taken either on an intensive, flexible or distance-learning basis.
"I am delighted to have achieved this qualification. The Certificate sets a recognised standard for data protection professionals and it has provided me with the knowledge and confidence of data protection requirements, especially in light of the new Regulation." 
Joanne Maurizi 
Find out more >

Next training session taking place in London in October 2018
Leadership Skills for Compliance Professionals 
This highly interactive session on leadership skills provides compliance professionals with the skills that they need to become more effective in carrying forward compliance objectives  

"By far the most practical resource available to help understand the complexities of the GDPR..."
A Practical Guide to UK and EU Law  

This book is an invaluable practical resource for organisations in meeting the requirements of the GDPR.
Find out more & Order your copy here >

Qualify as a GDPR Data Protection Practitioner

Flexible training options allow you to train alongside other commitmentsMore information >  
"The course content was informative and well presented, with very knowledgeable trainers. The exam was challenging, so I feel a real sense of achievement in having gained this qualification."   Caroline Chalk
Head External Information Services
Civil Aviation Authority
"I found the course to be thoroughly enjoyable and enlightening in a number of areas. I have managed to apply the knowledge gained through the course already in my day to day role."
Brendan Byrne
Senior Managing Consultant Security & Privacy
"The qualification strikes the right balance of interpreting important and complicated legislation and imparting this to students with a well structured course, underpinned with simple to understand information and then a vigorous examination. Organisations should feel assured by any of its staff undertaking and passing this qualification that their information is being managed and shared securely."
Kim Bellis
Records Service Manager
Royal Cornwall Hospitals NHS Trust
"I am very pleased to have followed the Practitioner Certificate in Data Protection course and passed the examination. This will be of great benefit to my employer, as it demonstrates the value we place on this complex area of ethics and compliance."
Alan White
Data Protection Manager
Pitney Bowes
"The course which was delivered by experts in the field of Privacy and Data Protection Law was very enjoyable and engaging. The examination was based on applying legislation and knowledge to practical cases rather than a test of how much information you could remember. I am delighted that I passed the exam and to have a qualification that is very much respected, as well as letters after my name! I recommend both the course and the examination for anyone wanting to increase their knowledge of Data Protection Law."
Bleneta Carr
Pearson Education
"I am delighted to have achieved this qualification. The Certificate sets a recognised standard for data protection professionals and it has provided me with the knowledge and confidence of data protection requirements, especially in light of the impending new Regulation."
Joanne Maurizi
Assistant Manager
"Synectics Solutions recognises that compliance with data protection regulation is critical to all organisations that handle personal information. It has never had a greater focus than at the present time. Having looked at the training and professional qualifications available, we concluded that the PDP certification was the most appropriate for our business. The course was delivered by legal experts in the field. They were able to bring the events to life with real-life scenarios and case studies."
Steve Sands
Head of Security
Synectics Solutions
PDP, Canterbury Court, Kennington Park, London, SW9 6DE, United Kingdom

NHS Networks - News Stories

NHS NETWORKS daily news stories:
11:39am, 22 August 2018
Practical tools for problem-solving
Professionals at every level

PDP - FOI News Update - 30 August 2018

Journalist wins two-and-a-half-year FOI battle at Upper Tribunal
FOI email header
  Issue: 30/08/2018


Journalist wins two-and-a-half-year FOI battle at Upper Tribunal
Journalist Claire Miller has won her long battle for information on homelessness from the government. Ms Miller's request, made in December 2015, was refused on the grounds that it was not in the public interest to release the relevant files, because the government had to redact personal information in order to prevent individuals from being identified. In coming to her findings, Judge Markus said neither the government nor the ICO had "advanced any possible basis on which individuals could be identified from the data". She concluded: "Moreover, it is quite fantastical to suppose that, several years later, there would be anyone sufficiently motivated to try to identify an individual to which the data related. The information... is not such as is likely to attract those with investigative skills, such as a journalist, to attempt to identify individuals." Ms Miller commented: "This decision is a reminder that public bodies should go through the process of assessing whether the information is actually personal data and identifiable no matter how small the numbers are."
ICO upholds complaint against Sussex police
The Information Commissioner's Office has upheld a complaint made against Sussex police, which has been trying to avoid explaining allegations it made about Crystal Palace supporters being armed with "knives and knuckle-dusters" at a game against Brighton last November. Fanzine Five Year Plan attempted to learn about the allegations by submitting FOI requests late last year, but the force refused disclosure on public interest grounds. The ICO has now issued a decision notice requiring the force to respond.
Police force misinterprets information request
Suffolk Police has confirmed that it misunderstood a request for information about thefts near cashpoints, leading it to issue incorrect information. Price comparison website MoneySuperMarket had compiled statistics, based on the police force's FOI release, claiming that the town of Bury St Edmunds had more thefts and robberies near cashpoints per resident than any other town or city in the country over the last decade. Following the publication of the MoneySupermarket report, Suffolk Police reviewed the original FOI request and realised it had been 'misinterpreted'. This led to the force's response including 800 incidents across the county, when the correct total was in fact 189.
FOI qualification - latest exam results
The results of the Summer 2018 Examination on the Practitioner Certificate in Freedom of Information Programme have been announced. Joanna Wallis, Freedom of Information and Governance Officer at the University of the West of England, one of the successful candidates, said "The four days of training and detailed course materials helped me to prepare for the exam and gave me a good understanding of my new role as FOI Officer. I now feel ready for anything, though I do keep my course ring binders handy - just in case!" The names and organisations of the successful candidates will be published in an upcoming edition of Freedom of Information Journal.
MP Charlie Elphicke submits FOI requests about Channel illegal immigration
Dover MP Charlie Elphicke has submitted a series of FOI requests to the Home Office regarding illegal immigrants following a series of high profile cases. Mr Elphicke said: "The number of stories surfacing in recent weeks is extremely concerning. That's why I have asked the Home Office for a detailed breakdown. We need to get a sense of the scale of this problem. It will help make an even stronger case for the investment I have been calling for to ensure our borders are truly safe and secure". Mr Elphicke says there needs to be proper investment in border security and no "Dad's Army-style" set-up.
Full transparency demanded over talks between Nicola Sturgeon and Alex Salmond
Nicola Sturgeon has been warned it would be "completely unacceptable" to keep hidden from the public the nature of her discussions with Alex Salmond after he was accused of sexual misconduct. Opposition parties demanded "full transparency" and called on the First Minister to reveal what was said in three meetings with her predecessor, after two female civil servants accused him of harassment. Labour said it wanted to know whether Mr Salmond, who strongly denies the allegations, had asked her to intervene in an official government investigation on his behalf. The party has submitted freedom of information requests in a bid to reveal what was discussed by the current and former First Minister, and is seeking the release of any minutes of the talks.
Freedom of infomation JournalMore freedom of information news and articlesVisit the website to receive a Free Sample Copy or to Subscribe Now"PDP's FOI journal has proved very helpful in keeping us up to date with developments in FOI, interesting news and case law."Deborah Coombs
Nottingham University Hospitals NHS TrustSubscribe to two or more journals at the same time and receive a discount
For more information, visit PDP Journals

PDP Training logo
Professional and practical Training Courses enable delegates to understand the legal requirements in key areas of compliance.  
The following is a selection of some of PDP's current courses.  
Estelle Dehon, Cornerstone Barristers
Estelle Dehon
Cornerstone Barristers
Since the Freedom of Information Act 2000 came fully into force in 2005 we have experienced a fundamental change in the relationship between UK government and its citizens as government information has become more publicly accessible. Greater transparency is also a key policy of the Coalition Government, and in light of the deficit reduction programme there is an ever increasing public interest in how public money is spent. This has led to the publication of a wide range of public sector datasets and proposals to expand the Freedom of Information Act through the Protection of Freedoms Bill. Information Officers are central to these developments and need to be fully aware of the Act and the impact of future changes to it.This training session is designed to help those who are on the receiving end of requests for information and those who advise and assist them.This training course can be used as credit towards gaining the Practitioner Certificate in Freedom of Information.Upcoming dates for this training course are:
  • Belfast           Monday, 24th September 2018
  • Manchester   Tuesday, 16th October 2018
  • London          Monday, 22nd October 2018  
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

FOI Practical Training - Level 2 (Applying the Exemptions)
Liz Fitzsimons, Eversheds
Liz Fitsimons

Public sector bodies must make daily decisions on how to respond to requests for information under the Freedom of Information Act 2000 and how to apply the exemptions in the Act. Those decisions are increasingly reviewed and, in many cases, overturned by the Information Commissioner, the Information Tribunal and the Courts. As case law develops and changes, public authorities need to ensure that they understand when the exemptions can be applied, and what they have to demonstrate to apply them correctly.This training session considers in detail the practical application of the main FOI exemptions.A discount is available for delegates booking both FOI Level 1 and FOI Level 2.This training course can be used as credit towards gaining the Practitioner Certificate in Freedom of Information.Upcoming dates for this training course are:
  • Belfast           Tuesday, 25th September 2018
  • Manchester    Wednesday, 17th October 2018
  • London          Tuesday, 23rd October 2018 
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 
John Wilson, Mosaic
Organisations face increasing pressure to manage their records according to statutory and business requirements. As the use of electronic records and the deployment of electronic document and records management systems continue to increase, the core skills of the person responsible for records management become ever more important to the organisation. In many cases, appropriate data protection and FOI compliance will depend upon a good records management system.This invaluable training session, led by John Wilson, examines core concepts of good records management practice.Records Management 1 is an introductory level session that provides delegates with a thorough grounding in the fundamentals of records management, including:
  • introduction - basic concepts
  • records management tools
  • records lifecycle approach
  • designing a file plan
  • records destruction
  • legal framework / compliance
  • management of electronic records and email 
Upcoming dates for this training course are:
  • Edinburgh      Thursday, 4th October 2018
  • Isle of Man     Thursday, 18th October 2018  
  • Belfast            Thursday, 25th October 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

This course examines how to implement good records management practice. Led by John Wilson, Records Management 2 is an intermediate level session that provides a grounding in the fundamentals of records management, including:
  • introduction - initiating a records management project
  • records audit
  • process mapping
  • building a business classification scheme
  • measuring performance
  • sustaining a records management programme
Delegates are encouraged to share their own experiences at the session. The day will be a mixture of presentation and practical exercises. There will be plenty of opportunity for questions.Upcoming dates for this training course are:
  • Edinburgh       Friday, 5th October 2018
  • Isle of Man      Friday, 19th October 2018 
  • Belfast             Friday, 26th October 2018 
A discount is available for delegates attending both the Level 1 and Level 2 sessions, as well as for multiple delegates attending from the same organisation.
For further information and to make a booking,
  1. Visit PDP's website  
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

Next training sessions taking place in Edinburgh, Isle of Man and Belfast
Records Management Levels 1 & 2
These highly practical sessions provide a thorough grounding and examine the core concepts of good records management practice (crucial for effective FOI and Data Protection compliance).  
The latest edition (Volume 14, Issue 4), features the following articles:Back to the FOIA: how FOIA affects historical records - Paul Gibbons, aka FOIManTo hold, or not to hold - that is the question - Lynn Wyeth, Leicester City CouncilRecent decisions of the Commissioner and Tribunal - Alison Berridge & Imogen Proud, Monckton Chambers
Request a FREE sample or

For more information, please visit PDP Journals
Next training sessions taking place in Belfast, Manchester & London 


Public authorities and their advisors, and those contracting with the public sector or carrying out public functions, need to understand the scope of the Regulations in order to handle information requests correctly.  
This training session explains the meaning and scope of the EIR. It examines in detail the boundary with FOI, based on decisions of the Information Commissioner and Information Tribunal and on guidance from DEFRA.
Flexible training options allow you to train alongside other commitments  
"I am very pleased to have achieved the Practitioner Certificate in Freedom of Information. The programme provides excellent knowledge and understanding on the practical applications of handling requests for information"
Louise Smith
Financial Ombudsman Service
"A very worthwhile qualification which I wholeheartedly recommend to colleagues"
Barbara Tyldesley
The Environment Agency
"I am so pleased to have passed the Practitioner Certificate in FOI. The 4 day course was excellent and I am now confident in my role as FOI Officer for Social Services. The course has helped me develop my skills and knowledge of FOI/EIR and DP and I would encourage anyone working in this area to attend."
Rachael Strand
Flintshire County Council
"The Practitioner Certificate in FOI was an excellent opportunity to receive specialised training and gain a recognised qualification. In particular, I found the instructors to be both knowledgeable and engaging. As a regulator in an overseas territory, I was easily able to translate the learning into practice. I have and do encourage other FOI practitioners to take advantage of this training programme."
Clara Smith
Information Commissioner's Office (Grand Cayman)
"I am delighted to have passed my examination, achieving this qualification and attending the courses have been a very positive experience which have boosted my confidence and enthusiasm for this subject. I found the courses very informative and the course handout binders are an excellent reference tool which is very relevant to the workplace."
Julie Johnson
Durham County Council
"I'm delighted to have passed the exam; it was hard work preparing for an exam, having not sat one for over 10 years, but the course materials really helped structure my revision. Passing has increased my confidence in dealing with the Act which will be of benefit to myself as well as my organisation."
Heledd Thomas
Comisiynydd y Gymraeg
"I found this to be a comprehensive course, which was well structured to be relevant and of interest to everyone from FOI beginners to more seasoned practitioners. The course tutors were very knowledgeable and clearly very interested in their respective topic areas, and the course was similarly detailed and well-taught."
Mark Reynolds
"I'm thrilled to have gained this qualification. FOI can be a complicated area to understand and apply, but the tutors were excellent in bringing it to life in an interesting way."
Angela Sanderson
Big Lottery Fund
"The Practitioner's Certificate has equipped me with the knowledge and confidence to undertake my role. I found the courses well presented and easy to follow. The case studies are particularly useful, as they give an insight into different scenarios that one may experience. I would recommend PDP to anyone wanting to gain this qualification."
Kim Starbuck
London Borough of Barking and Dagenham "Both the thought provoking training and materials as well as passing the exam will help to ensure we provide a prompt quality service when dealing with information requests particularly as those involving planning can raise complex issues"
John Pierce
The Department for Communities and Local Government 
PDP, Canterbury Court, Kennington Park, London, SW9 6DE, United Kingdom


New standard for clinical referrals will support faster, better patient care

New standard for clinical referrals will support faster, better patient care

The Professional Record Standards Body has developed

Connect with IHRIM

May   2019
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31