Sunday, 4 March 2012

THE DATA PROTECTION ACT 1998

THE DATA PROTECTION ACT 1998... is seen by many as more “useless red tape”...
BUT – is this really true?  I am bound to argue “no” given my profession now, but I respect you to make up your own mind!
The best place to start is to look at the Act as a whole – what’s it about?
The Data Protection Act 1998 replaces the Act of 1984.  The Previous legislation was about electronic processing of information, but this later one is about so much more!  It applies across the United Kingdom and gradually came into force until by 27th October 2007, it was all in place.
The Data Protection Act 1998 (“the DPA”) is primarily concerned with the individual’s information – retaining control over its use; is it being “processed” appropriately?; are there appropriate security measures in place to protect it?
“processing”? – anything that you may do with personal information in a business environment!  Holding it on a post it note; collection of business cards; database; card index; invoices; emails;... just a few examples of how businesses process personal data on clients/suppliers/staff...
How can the individual know if their data is being respected?  The Act sets out a framework for businesses to comply with so that an individual can tell!
-       Working with the 8 Data Protection Principles
-       Demonstrating compliance with polices; procedures and a “notification” (registration with the Information Commissioner’s Office (ICO)) - these all reflect the work of the individual business involved.

PLEASE REMEMBER that this information provided in these blog posts is designed to be general and apply equally to all types of business and all sectors.  If you would like more details specific to your business then I am happy to arrange a free consultation to discuss further.

No comments:

Post a Comment