The Information Commissioner’s Office (ICO) has urged organisations to be extra vigilant in the way they handle personal data, after the number of reported data protection breaches reached 1,000.
Anyone who processes personal information must comply with the eight data protection principles laid down in the Data Protection Act 1998 (DPA) in order to make sure that it does not end up in the wrong hands. This means having in place procedures to avoid wrongful disclosure and ensuring that staff are adequately trained in applying them.
Many data security breaches are the result of human error. The ICO has issued guidance on how to ensure personal information is protected and has also published a Code of Practice explaining the approach the DPA applies to the collection and use of personal information online. This gives practical advice for organisations that do business over the Internet and are therefore subject to the DPA.