The Data Protection Act 1998 is the law which governs the processing of personal information on living people.

The DPA aims to promote high standards in the handling of personal information and so to protect the individual’s rights of privacy.

The Act requires that you are open and honest about your use of personal information and follow the 9 principles laid out under the law:

1. Fairly and lawfully processed
2. Processed for specific purposes
3. Adequate, relevant and not excessive
4. Accurate and kept up to date
5. Not kept for longer than is necessary
6. Processed in line with the individual
7. Kept secure
8. The responsibility of the Data Controller in your organisation
9. Not transferred to countries outside the European Economic Area

PENALTIES AND ENFORMENTS:

The information commissioner oversees legal requirements of the Act and failure to comply can result in a Criminal Prosecution.

Failure to notify carries a maximum penalty of £5000 plus Magistrates Courts or an unlimited fine in a Crown Court.

Individuals who suffer damage or distress from compliance failures can also apply to the Court for compensation.

Are you complying with the Data Protection Act by keeping information secure or destroying with auditable trails?

If not, call Shredall today to find cost effective ways to store and destroy personal information.

0800 393 178

For more information on the Data Protection Act -http://www.opsi.gov.uk/acts/acts1998/19980029.htm