Your organisation’s policies and procedures provide your staff with enough direction to understand their roles and responsibilities regarding data protection and information governance.
Ways to meet our expectations:
- The policy framework stems from strategic business planning for data protection and information governance, which the highest level of management endorses.
- Policies cover data protection, records management and information security.
- You make operational procedures, guidance and manuals readily available to support data protection policies and provide direction to operational staff.
- Policies and procedures clearly outline roles and responsibilities.
Can you answer yes to the following questions?
- Do staff know where to find relevant policies and are they easy to find?
- Could your staff explain their role and responsibilities and how the policies and procedures help them?