Employee privacy in a global company - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

Employee privacy in a global company

Description:

BP is of one of the world's largest energy ... Digital Communications & Technology. Digital Security Strategy Compliance (Privacy & Data Protection) ... – PowerPoint PPT presentation

Number of Views:51
Avg rating:3.0/5.0
Slides: 15
Provided by: sandra102
Category:

less

Transcript and Presenter's Notes

Title: Employee privacy in a global company


1
Employee privacy in a global company
  • Sandra Kelman
  • Privacy Manager (Asia Pacific)
  • Privacy Issues Forum
  • 30 March 2006

2
Context
  • BP is of one of the world's largest energy
    companies, providing its customers with fuel for
    transportation, energy for heat and light, retail
    services and petrochemicals products for everyday
    items
  • Over 100,000 people work in 100 countries across
    six continents
  • Exploration activities cover 26 countries
  • 27,800 service stations serve around 13 million
    customers each day
  • Mega data centres in Singapore, Houston
    London

3
Structure
  • Digital Communications Technology
  • Digital Security Strategy Compliance (Privacy
    Data Protection)
  • Compliance Manager
  • 4 Privacy Managers (UK Western Europe,
    Germany Eastern Europe, Americas, MoW)
  • Data Privacy Co-ordinator in each country
    (Privacy Officer)

4
Foundation Documents
  • Privacy Data Protection Policy Security of
    Information Policy
  • International Intra-Group Data Protection
    Agreement
  • Codes of Practice (applied globally)
  • Fair Processing Statements
  • Employee Code of Conduct

5
Privacy Data Protection Policy
  • Applies where no local legislation
  • Ties in with IGA
  • Based on EU Data Protection Directive
  • Principles for information processing
  • Rights and responsibilities
  • On Intranet provided in induction phase
  • Security of Information Policy
  • Retention Guidelines/Schedules

6
International Intra-Group Data Protection
Agreement (IGA)
  • Signed off by Country President
  • Permits individual BP operations to meet
    legislative obligations where data transfers are
    regulated
  • Allows trans-border data flows via gaining the
    consent of individuals through the issue of a
    Fair Processing Statement (FPS)
  • Commits businesses to respect relevant local
    legislation
  • Creates a common business standard through
    implementing the Global Data Protection Policy.
  • Implementation
  • Designate a Country Data Protection Coordinator
    (full or part-time)
  • Education Support
  • Compliance through monitoring

7
Codes Of Practice
  • CCTV
  • Consistent application
  • Model signage
  • 40 pages
  • Employment
  • UK model
  • Suggested standards
  • 91 pages (plus supplementary guidance)!

8
Fair Processing Statements
  • Information for employees about information
    collected, held and its uses
  • Authority to process information as described
  • Explanation of data held in HR systems
  • Third Party Processors privacy notice (UK)
  • Campaign to issue one to each BP employee new
    and existing!

9
Code of Conduct
  • Our Commitment to Integrity
  • Specifically refers to privacy
  • there should be no gap between what we say and
    what we do
  • Misuse of information
  • Privacy and employee confidentiality
  • Data quality
  • Protecting BPs assets (includes information)
  • Intellectual property
  • Security

10
Privacy Quiz
11
Privacy Quiz 2
12
Privacy Quiz 3
13
Privacy Compliance Audits
  • Use UK Information Commissioners methodology
  • Adapted for local legislation or BP Privacy
    Policy
  • Heavy and Light
  • Monitor privacy compliance at that time
  • Interviews with staff functions or processes
  • Audit report non-compliances and observations
  • Risk Register checks follow up actions

14
(No Transcript)
Write a Comment
User Comments (0)
About PowerShow.com