The Information Commissioner’s Office (ICO) has released a plain English guide to data protection legislation. Designed to assist non-lawyers in their understanding of the law, it dispels the myths relating to data protection and explains how a business can lawfully use personal data to protect both its reputation and its bottom line.
The rationale behind the guide is to ensure that small businesses and organisations do not have to wade through complicated legislation and rely on their own interpretation of statute in order to comply with the law. An ICO issued statement said, “Sometimes organisations misinterpret the Act or hide behind it…the ICO is aware of a number of data protection myths and duck outs.”
The guide, which is available online or as a downloadable PDF document, is designed to be accessible even to those unfamiliar with data protection issues. It starts with a basic overview of the types of information that constitute personal data and explains the role of the ICO.
The document also contains helpful information in question and answer format and is particularly successful in demystifying each of the eight data protection principles while providing examples that explain how the law works in practical scenarios. The conditions required in order to process personal data, the rights of individuals and the numerous exemptions from the Data Protection Act (DPA) are set out equally helpfully.
Although the document stretches to approximately ninety pages, it is likely to be welcomed by those whose role is to ensure compliance with the DPA.
The guide is available here.