 |
|
Home | Index | Congregations | Press Releases | Events | Clerk | Webmaster |
|
| MEMO FOR CONGREGATIONS AND PRESBYTERY MEMBERS Your Congregation has recently been included in the Presbytery of Aberdeen's renewed Registration under the Data Protection Act Your responsibility is to ensure that the following measures are implemented in your Church: i Adopt an information security policy (i,e. providing clear management direction on responsibilities and procedures in order to safeguard personal data. ii Take steps to control physical security (for example, locking the doors of the office or building where computer equipment is held) iii Put in place controls on access to information (for example, introduction of password protection on files containing personal data and encryption) iv Establish a business continuity plan (for example, holding a back-up file in the event of personal data being lost through flood, fire or other catastrophe) v Train your staff on security systems and procedures vi Detect and investigate breaches of security should they occur vii Adopt the British Standard Information Security Management BS7799 (This standard is not a statutory requirement but a business led approach to best practice on information security management.) More information at: http://www.c-cure.org March 2002 |
|
Home | Index | Congregations | Press Releases | Events | Clerk | Webmaster |