The consequences of non compliance
Is your company data compliant? It needs to be. As a matter of routine it makes sense to implement appropriate processes and systems for data and document management.
More than ever organisations hold and process personal data in one form or another about their staff, Customers and Suppliers. As a consequence, the Data Protection Act (DPA) is perhaps the one piece of legislation that generates the highest number of compliance challenges for any organisation.
Data Protection Principles
Everyone responsible for using data has to follow strict rules called ‘data protection principles’.
They must make sure the information is: –
- fair and lawful
- used for specifically stated purposes
- adequate, relevant and not excessive
- kept for no longer than is absolutely necessary
- handled according to people’s data protection rights
- kept safe and secure
- not transferred outside the European Economic Area without adequate protection
Everyone responsible for using data has to follow ‘data protection principles’
Monitoring and Audits
Companies that continually invest in monitoring and have regular audits of their systems and processes can, not only reduce the financial consequences of non-compliance, but can also improve the efficiency of their business operations.
Personal data sent by electronic or printed means, is not the only way in which it can be put at risk. Data that is no longer required by a Company is considered vulnerable, particularly where it fails to secure its safe disposal.
Data Protection Act
The seventh principle of the Data Protection Act states that “appropriate technical and organisational measures must be taken to avoid accidental loss or destruction of, or damage to, personal data” and the consequences of failing to securely dispose of IT equipment can be extremely costly.
With the sheer volume of do’s and don’ts incorporated within the Act, it is often tempting just to bury your head in the sand rather than try to make sense of the policies and procedures.
Research by the Ponemon Institute in the USA found that business disruption and loss of productivity were the most significant consequences for companies that did not maintain compliance with relevant legislation and regulation.
It makes sense to implement appropriate processes and systems for data and document management as a matter of routine. Effective document management has a positive effect on a business’s bottom line through smarter, more efficient working providing better Customer service.
It makes sense to implement appropriate processes and systems for data and document management as a matter of routine