Services

Business Consultancy
Software Implementation
Bespoke Development
Software Integration
Internet Accessibility

Knowhow Business Consultancy Services

Data Protection Act 1998

The Data Protection Act 1998 came into force on 1 March 2000, and replaces the Data Protection Act 1984 ( www.dataprotection.gov.uk ). It applies to all organisations and to both structured paper records and electronic records, and covers 'personal data' which means data which relate to a living individual who can be identified: a) from those data, or b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller.

Anyone processing personal data must comply with the eight enforceable principles of good practice. These principles say the data must be:

  • fairly and lawfully processed;
  • processed for limited purposes;
  • adequate, relevant and not excessive;
  • accurate;
  • not kept longer than necessary;
  • processed in accordance with the data subject's rights;
  • secure;
  • not transferred to countries without adequate protection.

Issues Arising

In order to respond to an access request from a data subject in a reasonable time (as required by the Act), it is necessary to bring together all information within the organisation that identifies the data subject. In practice, there are typically many islands of 'personal data' within every organisation and gathering all of this data together within a limited period of time, then to condense it and provide access for a data subject to details of the information stored, can be an impractical proposition.

How secure are your personnel files? Are they secure at all times? Do people have access to them who shouldn't? Are they always kept up-to-date? Is there any personal information stored anywhere that is not kept up-to-date? Answers to all of these questions raise issues of potential non-compliance.

Typically, few staff within an organisation are aware of the duties and obligations of the Data Protection Act and this results in continued non-compliance with the Act, unless staff are provided with the requisite training and guidance.

How we can help

Knowhow Consulting is able to offer organisations a number of experienced consultants able to survey your personal information stores (both paper and electronic) and identify issues of potential non-compliance, then recommend resolutions to those issues, which may require business or technical solutions. We can also provide your staff with training and guidance, to ensure that non-compliances do not re-occur.

For assistance with identifying your Data Protection Act 1998 compliance needs, contact Knowhow either by phone on +44 (0) 1483 776000 or by email using info@knowhowconsulting.co.uk.








Home
Site Map
Contact Me
Print Page