Data Protection Procedure and Guidance

Sherburn and Villages Community Library Management Group
Data Protection Procedures and Guidance

This document sets out the procedures to be followed in order to comply with the Data Protection Act and Sherburn in Elmet Community Trust’s Policy. It also offers Good Practice Guidance for Volunteers.
Volunteers are reminded that the Data Protection Act is not restricted to automatically processed information but includes manual records and paper documents.

Volunteer Database

The Database recording details of Volunteers will be maintained by the Volunteer Managers who will keep it confidential and not disclose it to any other member of the Management Group or any other person. If it is necessary to pass on any personal details to any other party this will only be done with the permission of the individual volunteer. Specific permission will be sought on each such occurrence.

Volunteer Acceptable Use Agreement

All Volunteers are required to sign this agreement, a copy of which will be kept securely at the Library. Any volunteer who has not signed will not be allowed access to NYCC systems.

Mandatory Training

Volunteers are required to undertake training in Data Protection as specified and provided by NYCC. A record must be kept of those who have completed the training and there must be at least one volunteer who has completed the training present in the library at all times.

Confidentiality

Volunteers should not divulge any information about Trustees or Management Group Members, NYCC staff, users, other Volunteers, library finances or any Council business. Team Leaders are asked to reinforce this within their team and monitor compliance.

Volunteers are specifically warned against:
Discussing confidential information with partners and friends.
Talking about confidential information in public places or on the phone.
Giving out information over the phone unless they are sure of the identity of the person they are speaking to and their authorisation to have the information.
Sharing or disclosing computer access details
Leaving documents in places where they can be seen by unauthorised people.
Disposing of information carelessly when it is no longer needed.
Allowing others to see confidential information on the computer screen.
Dealing with the Media

If volunteers are asked for an opinion or comment by the press or other media source, they should refer them to the Team Leader in the first instance. Team Leaders should liaise with the a member of the Library Management Group before providing an appropriate response.

Memory Sticks found in the Library

Any personal memory stick found in the library will be retained in a secure place for 28 days . At the end of this period it will be destroyed and disposed of. The files stored on the device will not be viewed.