An essential introduction to data protection in the UK
Data Protection Compliance in the UK has been published to be an easy-read introduction for any employee required to support compliance with the DPA. This concise book covers:
Data Protection Compliance in the UK is essential reading if you have a responsibility for the security of personal data, especially if you are a director, a manager or an IT professional.
All companies hold personal information about their customers in electronic form. Almost all of them will also keep staff records, at least partially, in a computer system. Managing personal information has become a key challenge for all organisations, and one that they are legally obliged to understand.
Your business needs to operate in compliance with the Data Protection Act. This means your company has to take the right steps towards secure management of personal digital information. Under the Data Protection Act, some faults are treated as criminal offences. Where failure to comply is the fault of a manager, the manager can be prosecuted along with the company.
Knowingly, or recklessly, obtaining or disclosing personal data is an offence under Section 55 of the Data Protection Act. In 2009, the Coroners and Justice Act amended the DPA to give the Information Commissioner the power to carry out compulsory assessments of government departments. This year, the government has further tightened the enforcement regime for the DPA.
Since 2010, tougher penalties have been in place, including custodial sentences for deliberate or careless disclosure of personal data. Deliberate, or reckless, disclosure of personal data by your staff will also put you in the firing line as their employer. The Information Commissioner's Office has acquired new powers to fine companies up to £500,000 for serious contraventions of the Data Protection Act.