Recommendations

A P I A document.

The PIA makes recommendations on the following things in the data asset:

A principles book.

1. Principles for adding datasets in the data asset in the future. This means that there are rules about what data can be added to the data asset.

A person holding up a document that says 'Collection Notice'.

2. Collection notices for data providers. This means that data providers will receive words to explain how information for the data asset is used.

A laptop that says 'Name' and 'Address'.

3. Managing the risk of re-identifying data. Looking at the way things are done. This means that we keep checking the ways we keep information private and safe.

A person holding up a magnifying glass. A laptop that says 'Data' on it.

4. Managing the risk of re-identifying data.

Rules about:

how data is shared
research projects that use the data
how to keep information private.

A plan document.

5. Managing data breaches. A clear plan that says what should be done if data is:

shared or used in the wrong way, or
used by a person who should not have access.

A rules book.

6. Develop a Compliance Framework. A way to check the rules that keep data safe and private are being followed.