Data Protection Compliance

The request was partially successful.

Dear Sir/Madam,

I am writing to make a formal request for information under the provisions of the Freedom of Information Act 2000. I kindly request that you provide me with the following information:

1. A copy of your organisation's Records of Processing Activity (ROPA) as defined in Article 30 of the UK General Data Protection Regulation (UK GDPR).

2. A copy of all legitimate interest assessments conducted by your organisation where you rely on Article 6(1)(f) legitimate interests as your lawful basis for processing.

3. A copy of all privacy impact assessments conducted by your organisation.

4. A copy of all data protection impact assessments conducted by your organisation.

5. A copy of all international transfer risk assessments conducted by your organisation.

6. A recent copy of your organisation's data protection compliance assessment using the Information Commissioner's Office (ICO)'s accountability framework template. If you are using your own standards to monitor compliance with the Data Protection 2018, please provide me with copy of it.

7. A copy of your organization's data protection policy.

8. A copy of your organization's subject access request policy, procedures, and processes, including any guidance material such as folder structure, naming conventions, and redaction guides.

9. A copy of your organisation's privacy notices, including but not limited to employees, customers, ministers, special advisors (SPADs), complaints, NEDS, visitors, and CCTV.

10. A copy of your organisation's due diligence questions for vendor management such as independent data controllers or processors.

I understand that under the Freedom of Information Act, you are required to respond within 20 working days. To stay within section 12 - cost limits, I suggest asking your Data Protection Officer for the information. If this is not possible, I suggest a search of your compliance platform and your Microsoft estate for the following search terms (not case sensetive):

1. "records of processing activity" OR "ropa"
2. "legitimate interest assessment" OR "LIA"
3. "privacy impact assessment" OR "privacy impact assessments" OR "PIA"
4. "data protection impact assessment" OR "DPIA"
5. "transfer risk assessment" AND "personal data"
6. "accountability framework"

I would prefer to receive the requested information in electronic format via email.

Should you require any clarification or further details in order to process this request, please do not hesitate to contact me. I would be grateful if you could confirm receipt of this request and provide a reference number for future correspondence.

Thank you for your attention to this matter. I look forward to receiving the requested information within the statutory timeframe.

Yours faithfully,
Jay Bhanji

Supreme Court, High Court of the Justiciary

Thank you for emailing Supreme Courts, we will forward to the relevant
department who will deal with this query in due course.

 

Protect the environment...please don't print this e-mail unless you really
need to

E-MAIL DISCLAIMER
This e-mail, and any files transmitted with it, are confidential and
intended solely for the use of the individual or entity to whom they are
addressed. If you have received this e-mail in error please notify your
local Court.  Contact details for each Court location can be found on our
website at [1]https://www.scotcourts.gov.uk

Please note that any views or opinions presented in this e-mail are solely
those of the author and do not necessarily represent those of the Scottish
Courts and Tribunals Service (SCTS). Finally, the recipients should check
this e-mail and any attachments for the presence of viruses. The SCTS
accepts no liability for any damage caused by any virus transmitted by
this e-mail.

[2]https://www.scotcourtstribunals.gov.uk

References

Visible links
1. https://www.scotcourts.gov.uk/
2. https://www.scotcourtstribunals.gov.uk/

Foi, High Court of the Justiciary

Thank you for your enquiry. This is to confirm receipt of your email which has been forwarded to the Freedom of Information mailbox of the Scottish Courts and Tribunals Service (SCTS).

Your request will now be considered by a member of the Information Governance Team and a response will be issued within 20 working days from the first working day after receipt of your request.

Thank you

Information Governance Team
Scottish Courts and Tribunals Service

show quoted sections

Foi, High Court of the Justiciary

Dear Jay Bhanji

Thank you for your request for information, received by Scottish Courts and Tribunals Service (SCTS) on 16 June 2023.

We are still in the process of handling your request and hope to be in a position to respond to you shortly.

I acknowledge that this makes our response to you overdue. My sincerest apologies for any inconvenience caused by this delay.

In any event, I will contact you no later than 31 July 2023 in respect of your request.

Kind Regards
Tara McNamara

Tara McNamara
Information and Correspondence Manager
Information Governance and Correspondence Unit
Scottish Courts and Tribunals Service Headquarters
Saughton House
Broomhouse Drive
Edinburgh
EH11 3XD

[email address]

show quoted sections

Foi, High Court of the Justiciary

20 Attachments

Dear Jay Bhanji

Please see attached response.

Kind Regards
Tara McNamara

Information and Correspondence Manager
Information Governance and Correspondence Unit
Scottish Courts and Tribunals Service Headquarters
Saughton House
Broomhouse Drive
Edinburgh
EH11 3XD

show quoted sections

Chalmers, Sean, High Court of the Justiciary

23 Attachments

Dear Jay Bhanji,

Please see attached follow up response to your below request and associated attachments.

Yours sincerely,

Sean

Sean Chalmers
Senior Information Governance Lead: Correspondence and FOI
Scottish Courts and Tribunals Service
Saughton House
Broomhouse Drive
Edinburgh
EH11 3XD

show quoted sections