This is the first in a new series of posts, known as Events Watch. Events Watch enables new professionals to share their thoughts and learning outcomes from events they have recently attended (such as conferences and training) for the benefit of all new professionals.
This time Emma Snow will be sharing her experience of a workshop on the Data Protection Act.
Last year I graduated from Glasgow University before starting as an Assistant Archivist for the Theatre and Performance department at the Victoria and Albert Museum. Our department contains an array of material including Company and personal archives as well as a large number of objects, costumes and photographs. We also offer an enquiries service and run a reading room three days a week for members of the public wishing to view our holdings. The quantity of different mediums within the collections and the level of public access given to our paper records means having a complete understanding of both the Data Protection Act (DPA) and Copyright is fundamental, and whilst working for a large organisation means there are other people or departments I could rely on for help I felt that it was important to understand the Act and the reasons behind the department’s decisions for myself. As a new professional the world of the DPA and Copyright still seemed like frightening places so when I was offered the opportunity to attend a workshop and conference on the topics I jumped at the chance. A workshop focusing on the DPA was the first training day that I was given the opportunity to attend.
In February I was one of roughly ten people from a number of organisations to attend Data Protection Compliance without Headaches, organised by recordsmanagementconsultancy. The workshop was run by the founders of the consultancy, Charlotte Brunskill and Samira Teuteberg, who worked fantastically together; offering sound, harmonious and practical advice to anyone in the group looking for specific information as well as those of us after a more general overview of the DPA, which I for one couldn’t understand a word of in its official format. The day was separated into five distinct sessions, covering everything from current to non-current records making it a course for both the Archivist and the Records Manager.
For me, three main points stood out. The first was Damage or Distress – if any material may cause the person or persons involved damage or distress it should be closed, this could include political or religious beliefs, sexual life, physical or mental health issues as well as racial or ethnic origin. The second was to ensure privacy notices and notifications were clear and every reader was made aware of them. By actively communicating our department’s obligations to the DPA from registration onwards, through the use of pop up boxes at registration of information given in an email at the point of making an appointment, we were following DPA best practice. Linked to the idea of privacy notices was the need to future proof the DPA process by ensuring that all notices and procedures linked to the DPA are durable and consider all future uses of the material beyond its current use e.g. its long-term value to research.
Overall the message was that by proactively following best practice procedures and closing material which was damaging or distressing as well as making it obvious when something was closed, and for what reason, data protection issues would largely be avoided.
The workshop was well worth attending, and I felt ready to apply the consultancy’s Eight Principles of the Data Protection Act to any record that might have been thrown my way afterwards.