We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Contact Forum Editor

Send an email to our Forum Editor:

PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom

It's free to register, to post a question or to start / join a discussion


How's your data protection policy doing?

Forum Editor

Likes # 0

If your business is in the habit of collecting and processing personal data from customers, or potential customers, it's worth thinking about your responsibilities as a data processor.

Broadly speaking, the purpose of the Data Protection Act 1998 is to ensure that individuals and companies who/which process information about living, identified or identifiable individuals do so in a manner that properly safeguards that information from unlawful disclosure to third parties. The kind of personal information that is protected under the act is names and addresses, bank details, and opinions expressed about an individual - perhaps by a senior manager about an individual worker in an internal company assessment document.

There are eight guiding principles as far as Data protection is concerned, and they are that data is/are:

1. processed fairly and lawfully

2. processed for one or more specified and lawful purposes, and not further processed in any way that is incompatible with the original purpose

3. adequate, relevant and not excessive

4. accurate and,where necessary, kept up to date

5. kept for no longer than is necessary for the purpose for which it is being used

6. processed in line with the rights of individuals

7. kept secure with appropriate technical and organisational measures taken to protect the information

8. not transferred outside the European Economic Area (the European Union member states plus Norway, Iceland and Liechtenstein) unless there is adequate protection for the personal information being transferred

Lots more about how to comply with the law here:

click here

Like this post

Likes # 0

Of Trucrypt has just been released. If you are at all concerned about sensitive data, it's a good place to start. It is (apparently) US military approved.

I too keep data on my laptop (encrypted) but it is never left unattened...EVER!

click here

Like this post
Chris the Ancient

Likes # 0

I do have a database of my customers which I carry on a laptop when I'm working. That laptop never leaves my sight.

If the laptop is opened by anyone other than myself, they have to know the Windows logon password.

Basic details, only, are kept; which includes various personal details - which *could* be of potential use to somebody else (fortunately, no bank or similar details). However, any given customer would only ever see their own personal details.

The database is downloaded to my home pc each evening (as a refresher and back up) and that pc is similarly logon protected. My 'office' is monitored in my absence by a webcam and associated security software recording.

All people actively on the database are aware of what their record contains and the associated protection that is applied to their data.

I just hope to goodness that all that would satisfy the powers that be!


Like this post

Reply to this topic

This thread has been locked.

IDG UK Sites

Windows 10 release date, price, features UK: Staggered release with PCs coming first this summer -...

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

How to get a job in design

IDG UK Sites

MacBook Pro 15in preview: better battery life, faster storage and a new discrete graphics chip may...