2015 to April 2016 Home Office
Application Development Information Security UK
The Border DSAB project security awareness training included a practical understanding of the Official Secrets Act to which member of the team had signed up to under the terms of their security clearance as government contractors. In addition there was a need to understand staff members’ responsibilies under other Acts of Parliament and other regulations
Result : As the Information Assurance (IA) consultant I was able to work with project teams regarding their compliance with the legislation through consultation and where necessary with the Home Office accreditor’s team when clarification of the detail of implementation was required
GDS June 2017-July 2018 Cabinet Office Government Digital Service (GDS) Information Security Manager
Much of the role was to do with compliance as the Legal Resources in Cabinet Office (CO) were in short supply at the start of my contract. This was greatly alleviated when a GDPR specialist trained barrister appeared to assist GDS through the May 2018 deadline.
Result : In regard to the data science project, the GDS Information Asset Owner made a statement of responsibility for the dataset subject to IA undertaking due diligence for the secure handling of the data for the period of our use of the dataset in regard to any accidental occurrence of the data becoming “sensitive personal information “ under the terms of the GDPR.
Result : In regard to Digital and Data workforce survey the legal basis for processing was accepted by a Privacy solicitor who joined the team later This took place before I obtained my privacy certifications ( CIPPE and CIPM ) as a member of the International Association of Privacy Professionals.