The Data Protection Act (DPA) government holding and processing of personal data.
‘Personal data’ means information that recognizes any living individual or can, with other information held by you, recognizes any individual.
‘Processing’ of personal data means secure, recording, or holding the information.
As an owner business, you will be maintaining the personal information of your employees, vendors, and customers. It is, therefore, likely that your activities will be recorded by the provisions of the DPA. If you are a ‘data controller’ under this Act and fail to inform your organization or a company to the Information Commissioner, your directors may be criminally responsible for failing to do so.
A ‘data controller’ is a person or body that controls the purposes for which personal data is processed.
Under the Data Protection Act, principle are.
- It should be fairly and lawfully processed;
- Processed for specified purposes;
- Sufficiently, relevant, and not excessive;
- Accurately and, necessary, kept up to date;
- Don’t keep for longer than is necessary;
- The processed should be in line with the rights of the individual;
- Kept secure, and not transferred to countries outside the EEA unless the information is appreciated and protected.
- Non-compliance can result in an implementation notice preventing your business from processing data, functionally preventing many businesses from operating, together with significant, the officers of your company/organization, the managers and directors, can be held criminally responsible for non-compliance.
You should establish a data protection policy in your business to ensure your legal obligations are complete.
The policy should have a statement for the particular personal data needs of the business as well as the way it processes this information. The policy should also mark the areas where personal and sensitive data might be accidentally leaked in violation of your obligation under the law.
law aside it also makes your business good sense to have a policy as:
- Maintaining the information you have about your customers secure will help protect your and their information;
- Sending out a mailing from incorrect or out of your data records could not only create trouble for your customers but also waste your time and money;
- Good information handling can improve your business’s status by increasing customer and employee confidence in you; and
- A good thing you will also reduce the risk of a complaint being made against you.
- Every day sole contact the Information Commissioner to enquire about the way their information is handled and can also be asked to assess whether particular processing is likely or unlikely to comply with the DPA.