Discussion in 'Managing Your Business' started by CNS-southwest, Sep 19, 2012.
How many of you know the rules?
How many of you follow them?
No , no and erm NO !!!
know a couple of them
i never give customer details out to anyone
same as RC - I know you need to keep them confidential and if you store them on your laptop you need to have it password protected.
Computer, tablet, phone, pen drive all need to be password protected.
When not in use all paper work should be in a locked safe, ideally fixed to a solid wall. If in transit with you then they should be in a locked glove box, or the boot.
Lol just wondering if it really matters though??
Not quite. The Act states that you must protect the information that you have. This level of protection will verify depending on what type of information you have. If you're only storing basic information such as addresses and telephone numbers, then you need to keep this in a secure location like a locked drawer or cupboard. If you're storing sensitive information such as credit card details then this obviously needs to be more secure. This doesn't mean that the Act it "flexible" and there's one rule you one person and another rule for someone else. It simply means that the level of security that you apply needs to be relative to the information you're storing.
The Data Protection Act also requires that the information you hold must be relevant, correct and disposed of once it's no longer required.
The ICO has a short guide to Data Protection which is really useful.
Thanks for clearing that up mate, I know the basics like but not all of it.
If your storing data and you lose it, could cost you £20k in fines. We been looking into this and there are lots of rules and legalisation regarding this. The service that we are working on will have several levels of data protection. Not wanting scare anyone but you be surprised how much personal info isn't encrypted properly.
just to add to Iain
You need a plan for when or if you have a data breach which comply with the data protection act.
Yes this part is very important. Having some kind of contingency plan would be a good idea for in the event of a breach.
This is a big help to know.