New advice on data protection
Posted 19 September 2007 at 8:21AM by Simon Dickson in Doing business online
If you're a business, and you hold any kind of personal information about people, you're obliged to comply with the Data Protection Act. In practice, it doesn't have too be too complicated or onerous. The Information Commissioner lists eight principles you should follow, which are as much about common sense as legal requirements. And if you're going to make use of the information you hold, beyond basic tasks like staff admin and marketing, you may have to register with the Information Commissioner's Office.
But what exactly constitutes personal data? The ICO has just published new technical guidance on the subject (PDF), which shows it isn't as straightforward as it might seem. Even if you don't have a name, you can still know enough about someone to identify them. And as the new document explains, the same item might or might not be 'personal data', depending on who you are, and what you intended to do with it. Chances are, it won't affect you - the document is easy to read, taking the form of a 'flowchart', and should help put your mind at rest.
If you're in any doubt about your business's liability as regards Data Protection legislation, the Business Link website has a useful interactive tool to help you decide whether you should be registering your activity with the Information Commissioner. There's also a short guide from the ICO itself, aimed at small businesses (PDF). If you do need to register, it's a £35 annual fee; failure to do so is a criminal offence.
Tags: businesslink, data protection, information commissioner, laws, personal information
New feature: Rate this post!
Average rating: 5/5
