The Data Protection Act
Your business will hold a significant amount of personal data on
your employees and customers. The Data Protection Act ensures that
you handle this information properly. This guide outlines the key
areas of the act.
- What is the Data Protection Act?
- The Eight Principles
- The rights of the individual and organisations
- Enforcement
- Business benefits
What is the Data Protection Act?
If your business requires you to store people's personal details
on computer or on paper records then you must comply with the Act.
The information includes details such as customer or employee
records. This encompasses names and addresses, bank details and
opinions expressed about an individual. The information must be
about living, identified or identifiable individuals. The Act is
enforced by the Information Commissioner's Office (ICO)
Some organisations have to inform the ICO regarding what they use
the information for but others do not.
- Understand the need to comply with the DPA. It is a legal
requirement to do so.
The Eight Principles
The Act is there to ensure that the information you have is
handled properly. Anyone who processes personal information must
comply with eight principles. These ensure that the information is
- fairly and lawfully processed, processed for limited purposes,
adequate, relevant and not excessive, accurate and up to date, not
kept for longer than necessary, processed in line with an
individual's right, kept secure, not transferred to other countries
without adequate protection.
- The Eight Principles must be learnt and adhered to
The rights of the individual and organisations
Individuals have the right to know what information is held
about them. If an individual or organisation feel they are being
denied access to the personal information that they are entitled to
or feel their information has not been handled according to the
eight principles they can contact the Information Commissioner's
Office for help.
- Be aware that there are wide rights for individuals under the
Act
Enforcement
Complaints are usually dealt with on an informal basis but if
that is not possible then enforcement action can be taken. The ICO
can issue an enforcement notice if it believes that your business
has not complied with one or more of the eight principles. You
could face a fine if you fail to comply with an enforcement or
information notice. If you are convicted of any other offence under
the Act you could face a fine.
- Failure to follow the eight principles can lead to a fine
The business benefits
The DPA is a legal requirement but following the principles can
lead to business benefits as well. It stops you using out of date
or bad data which could result in customer complaints.
- The DPA has business benefits as well.
Smarta Business Builder
To help you on your business journey, we've created Smarta Business Builder, the complete online
tools package for growing your business. Website
Builder, Business
Plans, Accounting
Software, Legal
Documents and Email - all in one place
- from just £20 per month with no contract! Try it out today.