Data Protection
The Data Protection Act 1998 came into force on 1 March 2000.
It sets rules for companies and organisations that deal with personal data. Personal data is information that identifies living individuals such as their:
- name
- date of birth
- address; and
- even CCTV images.
The Act applies to the processing of personal information and extends to some paper records as well as those held electronically. Its scope is very wide and it imposes a number of obligations. Some obligations are quite onerous on those involved in the processing of personal data.
The implication of the Data Protection Act for major practice streams
This release provides guidance for practitioners on undertaking various types of practice activity while continuing to comply with the provisions of the Act.
- Read the technical release (PDF 84kb/25 pages)
IT Faculty's publication: Introducing the Data Protection Act 1998
This publication sets out the essential requirements for protecting personal data under the Act. It includes key security questions and the application of data protection law to the internet and e-business.
- Read 'Introducing the Data Protection Act 1998' (PDF 61kb/32 pages)
Registration of accountancy practices
Almost all accountancy firms should be registered with the Information Commissioner’s Office (ICO) as data controllers. Sole practitioners or firms which are not registered should consider their position without delay, or risk enforcement action by the ICO.
- Read ICO's Notification handbook - a complete guide to notification (PDF 452kb/48 pages)
Firms should also check whether their registration is up-to-date.
We have prepared an article that highlights common matters requiring you to alter your registration.
- Read 'Do you need to update your data protection registration?' (PDF 30kb/2 pages)
Library and Information Service Links page
