Thursday, 18 March 2010
What you need to know about data protection law
Data protection law and data encryption
Adhering to the Data Protection Act is something that you will need to do if you store data on clients, employees or suppliers. your business to stay legal and avoid any unnecessary legal action
By taking action now you are hopefully going to avoid problems later should your business be investigated. This will save you money and time in the long run, and will only cost you a small registration fee of £35 per annum.
RIPA has implications for those using encrypted data. This guide does not constitute legal advice. It is strongly suggested that you receive qualified legal advice to help you if you have any Data Protection Act or RIPA questions or issues.
Understanding the Data Protection Act
We all like to protect our privacy, and the Data Protection Act provides a legal framework to which we all need to adhere if we are to stay above board. By protecting this information you will retain your reputation and prevent time-consuming and costly investigations later.
A separate set of regulations, the Privacy and Electronic Communications Regulations, applies to anyone considering a telephone or email marketing campaign. For further detail visit the Privacy and Electronic Communications Guide.
The Data Protection Act allows each of us to know what information is being held about us. Any information that is held must be handled appropriately, and there are 8 guiding principles. Data must be:
If someone feels that their data is not being managed according to these principles, they can contact the Information Commissioner's Office for assistance. At this point your small business may be investigated, with possible subsequent enforcement action.
Regulation of Investigatory Powers Act (RIPA Part III)
RIPA is normally associated with investigations into criminals and criminal behaviour using surveillance, not the running of small businesses, but recent changes in legislation may impact your use of IT.
Data encryption is the process of taking normal computer data and files and mixing them up so that they become unreadable to unauthorised users. This process of mixing up or encrypting data uses advanced mathematics, which we won't bother you with. What you do need to understand is the use of electronic keys to unlock encrypted data. These often take the form of long passwords but act as the secret key to all of your encrypted data. Normally you would keep these keys locked away very securely, because if you lose them your encrypted data could be unlocked by unauthorised users.
As you can imagine, many criminals are now encrypting their data to prevent the authorities accessing it. To get around this problem, legislation was enacted in October 2007 that forces an individual or a business to hand over their secret encryption key. If you fail to do so then you could face a 5-year jail term.
This is very important for a small business to remember when putting in place data encryption. Always keep your encryption keys secure, but remember that the authorities may, in rare circumstances, demand the key to inspect your data.
Of course we know that users of the Business IT Guide are all upstanding citizens but we would hate to see our users end up in jail!
What you need to do
It is strongly advised that you visit the websites below, which carry up-to-date and accurate information on the Data Protection Act and RIPA as it relates to small businesses. The Data Protection Act site also carries information on how to register your business, which you are highly likely to need to do.
Data Protection Act for small businesses
Regulation of Investigatory Powers Act
This article was first published as Data protection law on Business IT Guide, part of e-skills, the Sector Skills Council for IT and telecoms. The Business IT Guide has been developed in collaboration with industry experts to help small businesses find the right IT solutions for the issues that affect them.