The Information Commissioner's Office has issued a a new code of practice on data protection law and CCTV, automatic number recognition systems, and drone cameras.
Employers who force employees or job candidates to turn over details of convictions will be committing a criminal offence from 1 December 2014.
The Information Commissioner's Office (ICO) has issued new guidance on securing data stored in the cloud.
Your business data is one of your most important assets.
Some people think that the Internet is an unregulated free-for-all, but this is simply not the case.
All businesses that keep any information on living and identifiable people must comply with the Data Protection Act
Tips for choosing the right global cloud infrastructure provider
The top considerations for businesses planning to adopt infrastructure as a service (IaaS) on the cloud.
What to do after a security breach
Just as companies have fire drills, they should practice what they will do when a data breach occurs.
Businesses are beginning to adopt context-based security
Context-based computer security uses situational information such as location, time of day and device type to enable effective security decisions.
When an employee leaves, for whatever reason, it is vital to get everything right, from reclaiming your property to ensuring your confidential information is kept secret after the employee leaves. Check out the key steps to take for a trouble-free termination.
Using CCTV at work is subject to data protection and human rights law, and could also breach your duties to your employees. Check out the pluses and minuses of using CCTV, and what you have to do to stay within the law.
Keeping your customer information accurate and up to date is vital. Failure to do so could result in costly and possibly embarrassing mistakes.
Legislation and regulations
Commission proposes a comprehensive reform of the data protection rules
European Commission news release published on 25 January 2012. Includes links to factsheets on data protection reform, surveys and the proposed legislative texts.
Data Protection Act 1998
Full text of the act that came into force on 1 March 2000. It applies to computerised personal data, and to personal data held in structured manual files.
Data Protection Directive 1995
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
This is not an exhaustive list of legislation on data protection. The ICAEW Library holds numerous print publications on data protection law and also subscribes to electronic databases with the complete text of UK legislation. For information on accessing these resources, please contact the Library.
Information Commissioner's Office (ICO)
Guide to data protection
Detailed guidance for UK organisations, covering:
- key definitions of the Data Protection Act
- data protection principles
- processing personal data fairly and lawfully
- processing personal data for specified purposes
- information standards
- the rights of individuals
- information security
- sending personal data outside the European Economic Area
- the conditions for processing
Information on how to apply the Privacy and Electronic Communications Regulations including practical examples and frequently asked questions.
Information for small businesses on the Employment Practices Code with links to the full Code and supplementary guidance.
A range of guides and information aimed at SMEs, including:
Protection of personal data
Comprehensive guide to data protection issues within the EU. Topics include:
- entities collecting data
- obligations of data controllers
- data transfers outside the EU
- handling complaints
- protecting personal data for individuals
- data protection bodies
- glossary of terms.
Data protection and your business
Guide from Gov.uk covering issues relevant to organisations, including:
- recruitment and managing staff records
- monitoring staff at work
- using CCTV.
Data protection guidance
Guidance for professionals and practitioners from the Ministry of Justice on the application of the Data Protection Act 1998, including:
- Undertaking privacy impact assessments: The Data Protection Act 1998
- How data protection affects my business or organisation
- Jargon buster for data sharing and protection
Under cyber attack: EY's global information security survey 2013
Latest edition of EY's annual survey report looking at how organisations are addressing current threats and how businesses can proactively prepare for potential new risks.
Data protection and freedom of information standards
Overview from the British Standards Institution with links to related information, news and publications.
US Department of Commerce Safe Harbor Portal
Comprehensive website supporting the Safe Harbor privacy framework in the US, including an overview, documentation, workbook, a certification form and a safe harbor search service (searchable by state or industry sector).