Data Protection Compliance, 2nd Edition Book

Organisations now face much stiffer penalties for breaching the Data Protection Act, which makes this pocket guide more valuable than ever! Your company holds personal information about your customers in electronic form. Almost certainly, you will also keep records on your staff in your computer system. In the digital age, managing personal information has become a key organisational challenge. For legal reasons, everyone has to understand the proper way to handle this personal data. Compliance Your business needs to operate in compliance with the Data Protection Act. This means your company has to take the right steps towards secure management of personal digital information. Under the Data Protection Act, some faults are treated as criminal offences. Where failure to comply is the fault of a manager, the manager can be prosecuted along with the company. A tougher regulatory environment Knowingly, or recklessly, obtaining or disclosing personal data is an offence under Section 55 of the Data Protection Act. In 2009, the Coroners and Justice Act amended the DPA to give the Information Commissioner the power to carry out compulsory assessments of government departments. This year, the government has further tightened the enforcement regime for the DPA. On 6 April 2010, tougher penalties came into effect, including custodial sentences for deliberate or careless disclosure of personal data. Deliberate, or reckless, disclosure of personal data by your staff will also put you in the firing line as their employer. The Information Commissioner s Office has acquired new powers to fine companies up to GBP500,000 for serious contraventions of the Data Protection Act. This pocket guide gives you a clear description of the Data Protection Act, outlining its terms and explaining its requirements. It is essential reading if you have a responsibility for the security of personal data, especially if you are a director, a manager or an IT professional. The pocket guide includes handy good practice tips for staff. The easy-to-follow checklist tells you the practical steps you should be taking in order to comply with the Data Protection Act. Benefits to business include: * Avoid expensive litigation Failure to comply with the Data Protection Act can lead to a heavy fine, as well as complaints and reputational damage. Use this book to help your company avoid embarrassing disputes and costly litigation. * Avoid illegal monitoring and interception There are good reasons why you might want to listen to customer calls (monitoring) or to record them (interception). Use this book to ensure that you monitor and intercept calls and e-mails in a way that is legal. * Understand transfer of data overseas To improve customer service or streamline operations, your company may wish to transfer personal digital information overseas (offshoring). This book advises you on when it is legal to do this. It offers you guidance on transfer of data outside the European Economic Area, and on the US-EU Safe Harbor Agreement. * Handle electronic marketing properly You need to understand the special rules that concern e-mail marketing. Use this book to make sure that your online marketing campaigns are being run in a way that is legal. Data Protection Compliance in the UK has been published as an inexpensive and easily read introduction for any employee required to support compliance with the DPA. It: * Outlines UK and EU data protection regulations; * Describes the rights of individuals; * Explains the security obligations of organizations; * Addresses topics including o IT monitoring and interception, o enforcement provisions and o penalties for non-compliance. Reputational risks A survey conducted by IT Governance has shown that only around half of those employees who handle personal information have been trained in their Data Protection Act responsibilities. And yet