data protection act

A Small Business Guide to Data Protection Compliance

A Small Business Guide to Data Protection Compliance

Essentials The essential information about data protection compliance Your Responsibilities With data protection compliance you have a number of responsibilities… Glossary A list of data protection terms FAQs Frequently Asked Questions (FAQs) about data protection Rules & Regulations The rules and regulations governing data protection Essentials The law requires personal data to be collected and used in such a way that individuals’ personal details are protected. To comply with the Data Protection Act 1998 (the Act) a business must follow the eight data protection principles when handling personal data. When your business handles personal information the principles require the data to be: fairly and lawfully processed; processed for limited purposes; adequate, relevant and not ex... »

EU Data Protection Reforms are Strangling Innovation

Plans to reform data protection laws in Europe will restrict and burden businesses and threaten innovation, the Confederation of British Industry (CBI) said today (Friday). In its submission to the Ministry of Justice’s Call for Evidence on the European Commission’s data protection proposals, the UK’s leading business group said the proposed regulation will threaten many innovative business models, which rely on data sharing to generate revenue. Compliance will also place a cost burden on all businesses which may deter investment and be passed on to consumers. The CBI is calling on the European Commission to revise its proposals, in favour of a proportionate, risk-based approach to the scope of data protection regulation, taking fully into account the benefits versus costs of any changes a... »

SMEs in the Dark about Fines for Data Negligence

The majority of the UK’s SMEs are unaware they could face fines of up to £500,000 if they breach data protection laws. A poll of 154 small and medium-sized businesses by Eclipse Internet found that almost two-thirds (62%) didn’t know companies could face such a large fine if they breach the Data Protection Act. Whilst most of the companies polled had heard of the Act, few firms knew about the proposed new powers to be awarded to the Information Commissioner’s Office. Of those surveyed, only 22% said they had heard of the changes, which are due to come into force in April 2010. They will give the Information Commissioner’s Office ability to penalise companies that breach the Data Protection Act by putting personal data at risk. Clodagh Murphy, director at Eclip... »

Data Protection Act

Small firms unsure of Data Protection obligations

One in four small–businesses owners do not believe their firm is meeting its obligations under the Data Protection Act (DPA), software firm Invu has warned. All businesses that store people’s personal details, such as customer or employee records, are required to comply with the DPA. The Act also states that individuals have the right to access the personal information that businesses hold about them. However, the Invu research revealed that a third of small firms failed to realise that the DPA includes all paper–based documents and not just those stored electronically. Invu chief executive David Morgan said: “The premise of the Data Protection Act is very solid but implementing and managing it is not quite so clear, so it’s little wonder that many SMEs are co... »

Workplaces lax on Data Protection

Security–lax employers are leaving staff exposed to identity fraud by failing to protect their personal data at work, according to marketing firm CPP. A CPP survey of more than 1,000 UK employees found that 60% have been put at risk of fraud because of their employer’s poor data security policies. The research revealed that despite recent high–profile data losses by business and government, employers are still failing to shred sensitive documents and personal information, with some even placing this data on websites. CPP identity fraud expert Danny Harrison said the results were surprising, given that employers have a legal responsibility to protect their staff under the Data Protection Act. “Businesses could be at risk of hefty fines if they don’t comply, and... »

Data Protection Act: How to comply with the law

Data Protection Act: How to comply with the law

‘Data protection’ can be an intimidating phrase for a start-up or small business owner like you; for many, it conjures up images of blinking data banks, difficult-to-understand legislation and expensive litigation. There is also a common misconception amongst business owners that the law only applies to large corporations, digital businesses, or companies that use customer information as a commodity, such as marketing firms. This is not the case – the Data Protection Act applies to virtually every business, including sole traders. Any customer information you handle – including names, addresses, photographs, card details and phone numbers – will be subject to the law on data protection. It is vital you understand the law, as failing to obey data protection regulations can lead to a fine of... »