16th March 2015 News

Staying on the right side of the law

Information, together with the processes and systems that create, store, use and dispose of it, is an important asset to any business, and managing it properly keeps you on the right side of the law.

Businesses need to be able to locate and retrieve business information. They also need to safeguard that information, particularly data personal to an individual.

Data Protection Act 1998

The Act is a framework of rights and duties designed to safeguard personal data. It balances the needs of organisations to collect and use personal data against the rights of individuals to have privacy of their details.

Freedom of Information Act 2000

This Act provides public access to information held by public authorities, including any of the following:

  • Government departments
  • Local authorities
  • NHS
  • State schools, colleges and universities
  • Police forces.

The Act covers all forms of recorded information, including printed documents, computer files, emails, photographs and audio or video recordings.

Financial Services and Markets Act

The Financial Services Authority (FSA) lays down strict requirements to protect the consumer against malpractice. This Act requires all financial institutions to store all business emails sent and received for up to six years. However, some emails must be stored indefinitely so that cases can be reviewed.

Waste Electrical and Electronic Equipment Directive (WEEE)

WEEE is an EU directive regulating the management of electrical and electronic waste. The equipment producer is usually responsible for the cost of treating and recycling, although business users must sometimes pay. Businesses must use a registered waste carrier and keep a transfer note when equipment leaves their premises.

Payment Card Industry (PCI) Data Security Standards (DSS)

PCI DSS applies to those storing, processing and transmitting cardholder data. It covers the technical and operational requirements concerning the use of cardholder data. Anyone who accepts or processes payment cards must comply with the PCI DSS.

ISO 9000 and ISO 9001 Quality Management System

ISO 9000 deals with the fundamentals of quality management systems, including the eight management principles on which the family of standards is based. ISO 9001 deals with the requirements that organisations wishing to meet the standard must fulfil. A cornerstone of the standards is the control of documents.

ISO 15489 Records Management 

The ISO 15489 standard concerns records management and covers the efficient and systematic control of the creation, receipt, maintenance, use and disposal of records, including the processes for capturing and maintaining evidence of, and information about, business activities and transactions in the form of records.

