Security of sensitive informationS
47.—(1) This regulation applies to sensitive information–
(a)received by a Scottish Category 1 responder under or by virtue of any provision of these Regulations;
(b)received under or by virtue of any regulations made by a Minister of the Crown under section 6(1)or 15(3); or
(c)has been created by a responder in discharging its duties under the Act, these Regulations or regulations made by a Minister of the Crown.
(2) Each Scottish responder must have in place arrangements for ensuring that the confidentiality of sensitive information to which this regulation applies is not adversely affected.
(3) The arrangements specified by paragraph (2) must include arrangements for ensuring that–
(a)sensitive information is clearly identifiable as such;
(b)only those persons who–
(i)are involved in the performance of a duty under section 2(1) or 4(1) or other function that relates to an emergency, and
(ii)as a result, need to have access to sensitive information,
have access to sensitive information;
(c)sensitive information is stored in a secure manner; and
(d)sensitive information is transferred (including transferral by electronic means) in a secure manner.