However the Data Controller is responsible in law to ensure that a Service Level Agreement is in place with * Data Processors. This agreement should define responsibilities and management procedures for the Data Processor to follow.
It would not absolve the Data Controller of its responsibilities were it to rely on the Guarding Service Providers processes and documentation, despite this Data Controllers frequently expose themselves to risk by leaving their Guarding Service Provider to employ their own methods and documentation.
The Data Controller may be either the Landlord or Managing Agent who must provide Policy and Process Management Systems for its staff and Data Processors to follow. Furthermore, the Controller must ensure that Service Level Agreements with Processors include compliance responsibilities.
If organisations decide to act as joint data controllers responsibilities must be clearly defined otherwise the situation could be confusing for the various stakeholders.
The Data Controller should consider appointing an individual responsible for Data Protection compliance and reporting directly to the Board of Directors.
In the case that the Landlord is the Data Controller the Managing Agent will act as Lead Data Processor. All other Data Processors such as Guarding Service Providers are subordinate to the Managing Agent who is responsible for dissemination of the Controllers Policy & Procedures reporting to and obtaining authorisation from the Controller for the release of data.
This would normally be the individual employed by the Landlord or Managing Agent as Facilities or Building Manager and responsible for implementation and management of the Data Controllers Policy and Procedures. In the case that the Landlord acts as Data Controller the Data Manager will be responsible for obtaining the Landlords authority for the release of data.
Responsible as directed by the Data Controller for the day to day management of systems that process Personal Data, and subordinate to the nominated Data Manager.
Responsible for data management audit and privacy impact assessment, reporting directly to the Data Controllers nominated person responsible for Data Protection.
We’re ready to lead you into the future of Computer Aided Security Management, get in touch with us today and find out how easy it can be to ditch those inefficient paper recordsGet in touch