You must comply with Data Protection rules – but what are they?

You must comply with Data Protection rules – but what are they?

If you run a small business, you probably collect information on your customers and staff every day without giving it a second thought.

That could include salaries and holiday requests for employees, payment details for customers and clients’ dates of birth and addresses. It’s part and parcel of operating a business – but it also means you have a responsibility to comply with Data Protection rules.

What is the Data Protection Act 1998?

The Data Protection Act controls how personal information is used by organisations, businesses or the government. Everyone responsible for using data has to follow strict rules called data protection principles, ensuring information is used fairly and lawfully.

Flouting the law can be costly – The Information Commissioner’s Office (ICO), which regulates the Act, can impose penalties of up to £500,000.

It’s an expensive lesson. As an example, Basildon Council was hit with a £150,000 fine for publishing sensitive personal information about a traveler family on its website – including details about disabilities and mental health issues. The ICO ruled the authority had breached the Data Protection Act when it failed to remove personal data contained in the details of a planning application, which was made publicly available online.

ICO enforcement manager Sally Anne Poole said: “This was a serious incident in which highly sensitive personal data, including medical information, was made publicly available.”

How can Gotelee Solicitors help you?

Understanding the requirements of the Data Protection Act 1998 is a key responsibility for any business. And if your organisation deals with public bodies such as local authorities and councils, you need to understand your obligations under the Freedom of Information Act 2000.

Gotelee’s specialist team of business law solicitors can give advice on all aspects of data protection and freedom of information, as well as the incoming General Data Protection Regulation, which comes into effect in May 2018, to ensure that you don’t fall foul of the law and leave yourself exposed to a severe penalty.

To find out more, call in to one of their offices in Woodbridge, Melton, Ipswich, Hadleigh or Felixstowe, or contact Victoria Spellman on 01473 298181 or at

All articles on this news site are submitted by registered contributors of SuffolkWire. Find out how to subscribe and submit your stories here »