Skip navigation.

ICT Management. > Legal Issues

Have You Got Your Act Together?

By Lasa Information Systems Team

The 1998 Data Protection Act came into force fully on 24th October 2001. Although the Act is complex, in the main, common sense and a few basic guidelines will ensure that you don't go far wrong:

Action Points

  • Ensure that anyone you hold information about knows that you hold it, what you use it for, and who you might pass it on to. Often a short statement on your forms, leaflets, website, or a notice in your waiting room, is all that you will need.
  • Get consent for holding people's information wherever possible, and get explicit consent, in writing if possible, for any 'sensitive' information you want to hold.
  • Make sure that you offer people the chance to opt out of any direct marketing.
  • Modify your systems to record, where necessary, consent, direct marketing opt-outs, etc.
  • Design or modify your systems so that you can easily comply with any request by a Data Subject to see the records you hold on them.
  • Make appropriate security arrangements, both for manual and computer systems, depending on how sensitive the information is.
  • Draw up a policy (perhaps linked to your confidentiality policy) and train or brief your staff in what they are allowed to do with people's information, what they are not allowed to do, and whom they have to ask if they are unsure.
  • 'Notify' the Data Protection Commissioner about any data processing activities which are not exempt
  • Appoint a member of staff as Data Protection Compliance Officer, so that they know it is part of their job to find out about Data Protection in more detail and to keep the organisation within the law.

For more information and guidance notes on the Data Protection Act visit the  Information Commissioner's Office website and / or get a copy of Lasa Computanews Data Protection Guide

 


About the author

Lasa Information Systems Team
Lasa's Information Systems Team provides a range of services to third sector organisations including ICT Health Checks and consulting on the best application of technology in your organisation. Lasa IST maintains the knowledgebase. Follow us on Twitter @LasaICT

Glossary

Website

Published: 4th April 2002 Reviewed: 4th July 2006

Copyright © 2002 Lasa Information Systems Team

User comments and discussion

If you have useful information to add to this article please Add a comment. Comments will appear after they have been moderated.

Discuss this topic in the Knowledgebase forums. This is a useful place to share knowledge, experiences, and ask questions.

Please sign in or register to be able to post a comment or discussion.