Common use of Term Definition Clause in Contracts

Term Definition. Appropriate Policy Document The Data Protection Act 2018 outlines the requirement for an Appropriate Policy Document to be in place when processing special category and criminal offence data under certain specified conditions. Detail on Appropriate Policy Documents can be found in Schedule 1, Part 4 of the DPA 18 and Section 42 of the DPA 18 for competent authorities. Data Protection Act 2018 The UK’s third generation of data protection law replaces the Data Protection Act 1998. The 2018 Act accepts the standards and obligations set by UK GDPR and, where UK GDPR allows, makes specific provisions relevant to the UK. The 2018 Act also transposes EU Data Protection Directive 2016/680 (Law Enforcement Directive) into domestic UK law. It is important the UK GDPR and the DPA 2018 are read side by side. Data Protection Officer Certain categories of organisation, including any public body or authority (except courts in their judicial capacity) are required to designate a suitably qualified Data Protection Officer (DPO). The tasks of the DPO are set out in Article 39 of UK GDPR. Data subject A ‘data subject’ is an identified or identifiable natural person. Organisations may refer to data subjects as service users, patients, clients, citizens, etc but for consistency, WASPI framework documentation refers to data subjects. UK GDPR The UK General Data Protection Regulation (UK GDPR) lays down laws relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data. This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data. Law Enforcement Purposes The purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security (DPA 2018 Part 3, Chapter 1, Section 31). Personal data ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data about criminal convictions, offences or related security measures This includes personal data which relates to the alleged commission of offences by the data subject, or proceedings for an offence committed or alleged to have been committed by the data subject or the disposal of such proceedings, including sentencing. (DPA 2018 Section 11(2)) Personal identifiers A set of basic personal details that allow partner organisations to identify a data subject. Personal information Includes information falling within the definition of ‘personal data’ and information about deceased individuals. Data protection legislation does not apply to information about deceased individuals but such information needs to be treated confidentially and WASPI should be applied to this information. Practitioner An inclusive term that refers to those involved in the care, education, welfare of data subjects; ie those who provide a public service. Processing personal data ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.’ (UK GDPR Art 4(2)) Special categories of data / sensitive processing Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. (UK GDPR Art 9(1))

Term Definition. Appropriate Policy Document The Data Protection Act 2018 outlines the requirement for an Appropriate Policy Document to be in place when processing special category and criminal offence data under certain specified conditions. Detail on Appropriate Policy Documents can be found in Schedule 1, Part 4 of the DPA 18 and Section 42 of the DPA 18 for competent authorities. Data Protection Act 2018 The UK’s third generation of data protection law replaces the Data Protection Act 1998. The 2018 Act accepts the standards and obligations set by UK GDPR and, where UK GDPR allows, makes specific provisions relevant to the UK. The 2018 Act also transposes EU Data Protection Directive 2016/680 (Law Enforcement Directive) into domestic UK law. It is important the UK GDPR and the DPA 2018 are read side by side. Data Protection Officer Certain categories of organisation, including any public body or authority (except courts in their judicial capacity) are required to designate a suitably qualified Data Protection Officer (DPO). The tasks of the DPO are set out in Article 39 of UK GDPR. Data subject A ‘data subject’ is an identified or identifiable natural person. Organisations may refer to data subjects as service users, patients, clients, citizens, etc but for consistency, WASPI framework documentation refers to data subjects. UK GDPR The UK General Data Protection Regulation (UK GDPR) lays down laws relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data. This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data. Law Enforcement Purposes The purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security (DPA 2018 Part 3, Chapter 1, Section 31). Personal data ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data about criminal convictions, offences or related security measures This includes personal data which relates to the alleged commission of offences by the data subject, or proceedings for an offence committed or alleged to have been committed by the data subject or the disposal of such proceedings, including sentencing. (DPA 2018 Section 11(2)) Personal identifiers A set of basic personal details that allow partner organisations to identify a data subject. Personal information Includes information falling within the definition of ‘personal data’ and information about deceased individuals. Data protection legislation does not apply to information about deceased individuals but such information needs to be treated confidentially and WASPI should be applied to this information. Practitioner An inclusive term that refers to those involved in the care, education, welfare of data subjects; ie those who provide a public service. Processing personal data ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.’ (UK GDPR Art 4(2)) Special categories of data / sensitive processing Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. (UK GDPR Art 9(1))) JES Joint Equipment Service TCES Total Community Equipment Solution

Term Definition. Appropriate Policy Document The Data Protection Act 2018 outlines the requirement for an Appropriate Policy Document to be in place when processing special category and criminal offence data under certain specified conditions. Detail on Appropriate Policy Documents can be found in Schedule 1, Part 4 of the DPA 18 and Section 42 of the DPA 18 for competent authorities. Data Protection Act 2018 The UK’s third generation of data protection law replaces the Data Protection Act 1998. The 2018 Act accepts the standards and obligations set by UK GDPR and, where UK GDPR allows, makes specific provisions relevant to the UK. The 2018 Act also transposes EU Data Protection Directive 2016/680 (Law Enforcement Directive) into domestic UK law. It is important the UK GDPR and the DPA 2018 are read side by side. Data Protection Officer Certain categories of organisation, including any public body or authority (except courts in their judicial capacity) are required to designate a suitably qualified Data Protection Officer (DPO). The tasks of the DPO are set out in Article 39 of UK GDPR. Data subject A ‘data subject’ is an identified or identifiable natural person. Organisations may refer to data subjects as service users, patients, clients, citizens, etc but for consistency, WASPI framework documentation refers to data subjects. UK GDPR The UK General Data Protection Regulation (UK GDPR) lays down laws relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data. This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data. Law Enforcement Purposes The purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security (DPA 2018 Part 3, Chapter 1, Section 31). Personal data ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data about criminal convictions, offences or related security measures This includes personal data which relates to the alleged commission of offences by the data subject, or proceedings for an offence committed or alleged to have been committed by the data subject or the disposal of such proceedings, including sentencing. (DPA 2018 Section 11(2)) Personal identifiers A set of basic personal details that allow partner organisations to identify a data subject. Personal information Includes information falling within the definition of ‘personal data’ and information about deceased individuals. Data protection legislation does not apply to information about deceased individuals but such information needs to be treated confidentially and WASPI should be applied to this information. Practitioner An inclusive term that refers to those involved in the care, education, welfare of data subjects; ie those who provide a public service. Processing personal data ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.’ (UK GDPR Art 4(2)) Special categories of data / sensitive processing Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. (UK GDPR Art 9(1))) GEMS Gwent Education Minority Ethnic Service (GEMS) supports Torfaen pupils whose first language is not English or Welsh Under an SLA with Newport City Council Language Acquisition record The LAR records the pupil’s language progress against the 5 Welsh Government language stages. EAL English as an Additional Language

Term Definition. Appropriate Policy Document The Data Protection Act 2018 outlines the requirement for an Appropriate Policy Document to be in place when processing special category and criminal offence data under certain specified conditions. Detail on Appropriate Policy Documents can be found in Schedule 1, Part 4 of the DPA 18 and Section 42 of the DPA 18 for competent authorities. Data Protection Act 2018 The UK’s third generation of data protection law replaces the Data Protection Act 1998. The 2018 Act accepts the standards and obligations set by UK GDPR and, where UK GDPR allows, makes specific provisions relevant to the UK. The 2018 Act also transposes EU Data Protection Directive 2016/680 (Law Enforcement Directive) into domestic UK law. It is important the UK GDPR and the DPA 2018 are read side by side. Data Protection Officer Certain categories of organisation, including any public body or authority (except courts in their judicial capacity) are required to designate a suitably qualified Data Protection Officer (DPO). The tasks of the DPO are set out in Article 39 of UK GDPR. Data subject A ‘data subject’ is an identified or identifiable natural person. Organisations may refer to data subjects as service users, patients, clients, citizens, etc but for consistency, WASPI framework documentation refers to data subjects. UK GDPR The UK General Data Protection Regulation (UK GDPR) lays down laws relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data. This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data. Law Enforcement Purposes The purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security (DPA 2018 Part 3, Chapter 1, Section 31). Personal data ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data about criminal convictions, offences or related security measures This includes personal data which relates to the alleged commission of offences by the data subject, or proceedings for an offence committed or alleged to have been committed by the data subject or the disposal of such proceedings, including sentencing. (DPA 2018 Section 11(2)) Personal identifiers A set of basic personal details that allow partner organisations to identify a data subject. Personal information Includes information falling within the definition of ‘personal data’ and information about deceased individuals. Data protection legislation does not apply to information about deceased individuals but such information needs to be treated confidentially and WASPI should be applied to this information. Practitioner An inclusive term that refers to those involved in the care, education, welfare of data subjects; ie those who provide a public service. Processing personal data ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.’ (UK GDPR Art 4(2)) Special categories of data / sensitive processing Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. (UK GDPR Art 9(1))) WCCIS Welsh Community Care Information System SC Swansea Council SBUHB Swansea Bay University Health Board NPT Neath Port ▇▇▇▇▇▇ ▇▇ Mental Health SU Substance Use ADFS Active Directory Federation Service (AD FS) is a single sign on (SSO) feature developed by Microsoft that provides safe, authenticated access to WCCIS web application. All Regional participating organisations have their access to WCCIS managed in this way. PSALT Primary Substance Abuse Liaison Team