Protect your assets, prevent risks, avoid litigation, stop bankruptcy.
Organizations need to be aware of complying with legislation protecting individual data. They need to address the issue of the legal position relating to information held electronically in terms of its legal admissibility and evidential weight, data protection and freedom of information.
In recognizing the enforcement of recent legislation such as the Data Protection Act 1998 and Freedom of Information Act 2000, BSI British Standards have produced the Data Protection Guide and the Freedom of Information Practical Guide to assist in understanding and implementing these acts.
Click here for the current legal and regulatory standards and publications available.
Protecting personal data
Personal data is one of the most valuable assets an organization can hold. Records and other documents contain fundamental information that businesses need for operational, quality management, planning and control or litigation purposes as well as to remain competitive. The lack of appropriate records management controls has been the subject of many high profile legal cases recently. The inability to keep control of records management processes has proved disastrous for many multi-national companies.
Getting data protection right from the start is critical, as correcting mistakes can be costly and time consuming.
Ongoing changes in legislation continue to have a profound effect on the requirements related to the handling of personal data. If data is not entered correctly people can be unjustly refused credit, benefits, housing or jobs. If data is not kept securely, people's privacy can be affected and you can be prosecuted.
Any organization who collects and uses personal* data, stored electronically, or using paper based systems, must maintain the confidence of those who provide it by complying with the eight enforceable principles obtained for specific and lawful purposes and not processed within the Data Protection Act (DPA) 1998.
*Under the DPA, personal data must be:
- fairly and lawfully processed
- adequate, relevant and not excessive
- accurate
- not kept longer than necessary
- processed in accordance with the data subject's rights
- secure
- transferred to other countries only with adequate protection.
