The Data Protection Act 1998 and your business

data protection

While it’s true that a properly administered information management system will prove you to be an ethical and responsible business, your customers won’t know this unless there’s been a violation. By this time, not only is it likely that monetary penalties will be imposed but it’s entirely probable you’ll have lost the trust of your client and consequently their custom too.

Why is data protection important?

Information held on us, if appropriate regulations were not put in place, could be viewed or used by person(s) known or unknown. This could be for commercial reasons or even more nefariously criminal use.

We innocently hand over personal details on a daily basis in the assumption that the person(s) we trust with them, unless otherwise instructed, won’t use it for anything other than it was intended. These firms should only make our data available to relevant parties and with our permission but unfortunately it doesn’t always work out that way.

Who is responsible for data protection?

Whether you’re a huge conglomerate, small business owner, a department of government or an employee, you’re probably entrusted with other people’s information on a regular basis. It is vital any information is treated in adherence to the eight principles of the Data Protection Act.

How do I comply with the Data Protection Act?

In brief, the act requires that information is processed fairly and legally and obtained and used for specific, lawful purposes. Data must be adequate, pertinent and proportional to the reasons that it was processed. It must also be accurate and kept up to date where necessary, must not be kept for longer than is needed and should be processed in accordance with the rights of data subjects under the act.

Suitable technical and organisational measures must be taken to protect against unauthorised or illegal processing of, and against accidental loss, destruction or damage to, personal data. Information held must not be transferred to a country or territory outside the EU unless it is ensured an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data are met in that country or territory.

How do breaches in data protection occur?

There are numerous reasons why breaches can occur including incompetence, negligence, immorality and human error. Simply not having the right knowledge, procedures or information management systems in place to combat the aforementioned problems can also be responsible. You can find out more about information management systems at [tp lang=”en” only=”y”]www.ironmountain.co.uk[/tp][tp not_in=”en”]www.ironmountain.co.uk[/tp]

Complying with data protection is a complicated, laborious and thankless task but it’s a necessary evil, which is why many businesses decide on outsourcing to specialist information management companies such as Iron Mountain. This can save companies both money and time in the long run and is the ideal option.

 

Leave a Comment