Data Protection Plan Requirements And Guideline
What is a data protection plan? The data protection plan describes the basic information that should be included in all data protection plans, the type of protection expected, and the disclosure rules for the presentation and publication of the data. The privacy plan should describe the following elements of the work and computer environment.
Protection expected types
Your data protection plan should clearly describe how your work environment will protect data for each of these features.
- Standalone, non-network computer, or enabled data clave.
- The data may only be used by persons with a contractual license to use the data
- The use of the data must be in the office environment described in the security plan and not in the home or any other field environment location.
- The data cannot be used on laptop computers.
- Password-protected access to all computers that store data.
- Encrypt all files with password protection.
- Automatic activation of password protection on a computer after five minutes of inactivity on the computer.
- It destroys detailed lists and printouts that are no longer needed.
- All removable storage devices (such as CDs, floppy disks, zip drives,etc.) by encryption and storage in a locked compartment or room when not in use.
- Store detailed prints from data analysis in a closed compartment or room if not in its use.
- We undertake to destroy or return files containing limited data at the end of the project.
- Prepare and maintain a log of all acquired data files. Record the dates of the data and paperwork received, returned, or destroyed.
- Data is not automatically backed up.
- Inform all research staff who have access to the limited data in the data protection plan, proper use of data, and sanctions for improper use.
The limited data checker should regularly monitor the use of data throughout all project employees and co-workers. Clear rules for limited data use should be published in an easily accessible place visible to staff. At the end of the research project, all limited media must be available destroyed or returned to the PSID, and all data files and unpublished prints must be destroyed.
Declaration of rules
The privacy plan should carefully describe how it is avoided by researchers and employees – unintentional disclosure of the geographical location or identity of the respondents in all working documents, publications, and presentations.
Minimum all staff and researchers should agree to keep out from any type of presentation and publication to the following information.
- List, describe or identify a tract or tracts by number, name, or descriptor info.
- List of individual cases
- Description of the individual case.
- Tabulations or summary statistics that have cell size under eleven observations.
Also Read: Best 5 Databases for the company’s
Description of a data protection plan
- List and report all the locations where the original and copies of data stored, also provide the building name, street address, and exact room numbers.
- List the names with the CV of all researchers and individuals who have data access.
- Report the computing environment in which data will be used, including all computing platforms like mainframe, work station, and personal computers. The total number of computers on which data will be analyzed or stored.
- An environmental and physical address in which computer and data are kept like in a room with public access, in-room locked when it’s not in used by any research officer.
- A report and list of all devices in which data will be stored like mainframe storage device, Computer and hard drives, removable storage devices like zip drive, floppy drive, and CD.
- Instructions in data protection policies that will be handed to students or each staff member before they getting access to data as well as recurrent instruction that should be conducted every year.