We are an expert provider of professional services in a world driven by data and technology. Our consultation response draws heavily from our unique insights and experience gained from delivering data governance services (including data protection, GDPR, assurance, ethics, IoT, cyber security and the Network and Information Security Directive) across the healthcare, utilities, construction and other sectors.
We have suggested a number of improvements to the draft Code of Practice. These include: addressing requirements around data breach notification; introducing ethical considerations in the context of data sharing; extending the scope of data sharing agreements; specific considerations regarding the sharing of children’s data; international data transfers; risk assessments; due diligence considerations; and further information related to data brokers and guidance on notification to data subjects. We would encourage the ICO to include these points in the final version.
We also believe it would be beneficial to include more information on the assignment of liability and duties between parties, depending on the joint or separate controller relationship.
While the draft Code covers risks and issues around data sharing in detail, it could be improved by more specifically highlighting the benefits of data sharing and how this can create value for organisations.
Click the link below to view our response to the ICO consultation on the draft data sharing code of practice: