Checklist for drafting your controller-controller data sharing agreement (from the ICO Data Sharing Code of Conduct now out for public consultation):
- What is the purpose of the data sharing initiative?
- Which other organizations will be involved in the data sharing?
- Are we sharing data along with another controller?
- What data items are we going to share?
- What is our lawful basis for sharing?
- Is there any special category data or sensitive data?
- What about access and individual rights?
- What information governance arrangements should we have?
- What further details should we include?