SMEs get Data Protection Act guide
Never forget the DPA scamsters
The Information Commissioner's Office (ICO) has published a new guide for small businesses (SMEs) concerning their responsibilities under the Data Protection Act (DPA).
The guide - Getting it right - is supposed to provide a straightforward explanation of data protection and what businesses need to know to meet the requirements of the DPA.
Under the DPA all businesses need to follow the Act's eight principles including making sure that records held on employees and punters are stored securely, used for the right reasons and are always accurate and up to date. Some businesses that process personal information may also need to register with the ICO.
Said Assistant Information Commissioner Jonathan Bamford: "Small businesses can have a lot of legislation to comply with and we are trying to cut out the jargon. Our simple guide has been designed to help businesses understand and easily follow data protection rules."
Anyhow, SMEs unsure about their responsibilities can have a gander at the guidelines on the ICO's web site.
Separately, the Information Commissioner is still warning businesses throughout the UK to ignore bogus data protection agencies which continue to send notices demanding money to register under the DPA.
More than 200 businesses a month in the UK fall victim to fake data protection agencies posing as official government bodies. The letters, which request sums of between £95 and £135 to register under the DPA, often use threatening language and are on official-looking headed notepaper.
The statutory fee for notification is just £35 a year and businesses that need to do so should go directly to the Information Commissioner's Office.
Said Bob Turnbull, assistant commissioner for Scotland: "If you receive a letter demanding more than £35 to register under the DPA this will be a scam. Our simple message to businesses is to throw the letter in the bin and don't pay the fee." ®