Information Governance
The General Data Protection Regulation (GDPR)
On 25 May 2018 a new EU directive came into force that replaced and enhanced the existing data protection regulations.
We use certain items of personal data provided by scheme members' or their scheme employer, to administer the fund and provide information in connection with the range of benefits available when the member leaves the Local Government Pension Scheme (LGPS), or retires.
There are new and extended rights for individuals in relation to the personal data an organisation holds about them, for example, an extended right to access and a new right of data portability. You can obtain further information about these rights from the Information Commissioner's Office at: www.ico.org.uk or via their telephone helpline (0303 123 1113).
In addition, organisations will have an obligation for better data management and a new regime of fines that have been introduced for use when an organisation is found to be in breach of the Data Protection Act.
What are the main principals of the GDPR?
The GDPR states that personal data must be:
- processed lawfully, fairly and in a transparent manner;
- collected only for specified, explicit and legitimate purposes;
- adequate, relevant and limited to what is necessary;
- accurate and kept up to date;
- held only for the absolute time necessary and no longer;
- processed in a manner that ensures appropriate security of the personal data.
Data Protection
This page describes how you can access information that the Fund holds about you in line with the Data Protection Act.
Rights of Access
Under the General Data Protection Regulations, the Lancashire County Pension Fund has a duty to protect the personal data it processes and to inform members about how their data is managed and used by the Fund.
In line with the act, an individual has a right to request information held about them. A request for information about an individual other than the subject of the information will be rejected except in the following circumstances:
- parents may request information about a child under 16;
- a Solicitor/Professional Advisor may request information on behalf of an individual with that individual's approval.
You can request access to your information by clicking the following link below:
https://www.lppapensions.co.uk/contact/contact-lppa/
Information Security
The Lancashire County Pension Fund complies with relevant information security requirements.
We feel it is important to ensure that our customers' information held is held securely in order to protect against unauthorised access, use, disclosure, modification and disruption in both electronic and physical formats.
Principles
Regular senior management attention through the Senior Information Risk Owner (SIRO) and Information Governance Working Party;
Implementation of information assurance in Fund service areas led by the Information Governance Operational Group;
Information risk management will be at the heart of improvement processes;
Mandatory training for all of the Fund's information users.
Our commitment
Acceptable use - to comply with acceptable use policies for email and internet;
Data protection - to understand and comply with the Act;
Information handling - to comply with information handling and security procedures;
Information incidents - to identify potential information events and incidents and report these when they occur.