DATA PROTECTION

Governments and Regulators are requiring companies take responsibility for ensuring the security of their confidential records. This is good business practice and it’s the law.

REMEMBER THE DATA IS YOUR RESPONSIBILITY UNTIL IT HAS BEEN SHREDDED!


The Data Protection Act 1998 governs the processing of personal information on living people. The Act requires that you are open and honest about your use of personal information and follow the 9 principles laid out under the law:

• Fairly and lawfully processed
• Processed for specific purposes
• Adequate, relevant and not excessive
• Accurate and kept up to date
• Not kept for longer than is necessary
• Processed in line with the individual
• Kept secure

These actions are the responsibility of the Data Controller in your organization The Information Commissioner oversees legal requirements of the Act and failure to comply can result in a Criminal Prosecution. Failure to notify carries a maximum penalty of £5000 plus in a Magistrates Court or an unlimited fine in a Crown Court.

Please check that you are complying with the Data Protection Act by keeping information secure or destroying with auditable trails. For more information on the Data Protection Act visit http://www.opsi.gov.uk/acts/acts1998/19980029.htm

Confidential Documents