Escolar Documentos
Profissional Documentos
Cultura Documentos
EMS Security
Information Sharing Agreement
and
Lincolnshire Police
OFFICIAL
OFFICIAL
1 Introduction
1.1 Overview
1.1.1.1 Under the General Data Protection Regulation (EU 2016/679) and the Data Protection Act
2018, all Data Controllers have a legal responsibility to ensure data is processed lawfully
and fairly, and to put appropriate protective measures in place to prevent the unauthorised
use or disclosure of that data.
1.1.1.2 Electronic Monitoring Services (EMS), as a Data Processor, is contracted by the Ministry
of Justice (the Authority) to implement and provide monitoring of people who have been
assigned curfews or location monitoring orders as part of a criminal justice process.
1.1.1.3 In order to meet the requirements of the Authority, EMS may need to obtain additional
information from other agencies. Additionally, EMS may be required to share information
with other agencies as part of the Electronic Monitoring Orders, or for other legal reasons.
1.2 Purpose
1.2.1.1 This Agreement covers the arrangement to share, process and protect data between the
two named parties as outlined in the contents of this agreement and that further sharing or
processing of that data shall only be permitted where it is in compliance with the General
Data Protection Regulations (GDPR) and the Data Protection Act 2018.
1.2.1.2 Where consent for change has been acquired, this Agreement must be updated and re-
issued.
OFFICIAL
OFFICIAL
1.7.1.2 EMS and Lincolnshire Police confirms they have authorisation to share the information
outlined in this agreement for the purpose for which it is being shared.
1.7.1.3 EMS shall act as a Data Processor on behalf of the Ministry of Justice for any information it
receives and will refer all applicable data-related decisions not outlined in this agreement
to the appropriate Data Controller.
1.7.1.4 The Data Controller for Lincolnshire Police is:
Chief Constable
Lincolnshire Police,
PO Box 999,
Lincoln,
LN5 7PH
1.8 Responsibilities
1.8.1.1 It is the responsibility of each signatory to ensure that:
OFFICIAL
OFFICIAL
Appropriate staff training and awareness sessions are provided in relation to this
agreement. Information is shared responsibly and in accordance with professional
and ethics standards.
A current Information Security Policy is available and can be provided to the other
party on request.
OFFICIAL
OFFICIAL
2 Information Sharing
2.1 Data Classification and Data Types
2.1.1.1 Unless otherwise stated, all data transferred is agreed to be classified using the
Government Security Classifications, at a level of OFFICIAL, with all data containing
sensitive information classified specifically as OFFICIAL-SENSITIVE.
OFFICIAL
OFFICIAL
b) The minimum amount of data necessary to complete the purpose shall be retained.
c) Where a lawful basis for processing can no longer be demonstrated, the data shall
be deleted.
2.5.1.2 Specific to this agreement, the following data retention requirements apply:
Once the Electronic Monitoring order has come to an end, EMS shall delete the image in a secure
manner.
On the termination of this agreement, all shared data shall be securely deleted.
OFFICIAL
OFFICIAL
Risk Management
Perimeter Controls
Secure Configuration
Access Control
Malware Protection
Patch Management
Monitoring
Threat Assessment and awareness
Physical Security
Personnel Security, e.g. screening
OFFICIAL
OFFICIAL
3 Signatures
The following signatures indicate an acceptance of each party to accept and adhere to this
agreement.
Breaches of this agreement will lead to a review and possible termination of this agreement,
including the destruction of all previously shared information.
Any signatory may withdraw from this agreement by giving written notice to the other parties. The
withdrawing signatory will be bound to comply with relevant terms of this agreement beyond the
termination.
Where signatories leave an organisation, there is no immediate need to re-sign the ISA. However,
each party must be made aware of the change of contact and the new contact details.
NAME DATE
POSITION SIGNATURE
NAME DATE
POSITION SIGNATURE
OFFICIAL