With changes on the way to the European Directive, we can expect to see these incorporated into the UK’s national law over the next few years. After all, it wasn’t until the directive of ’95 that the Data Protection Act (DPA) 1998 came into its current form. The law is now 14 years old and showing signs of age in a much changed online world. However, even with a new law (presuming it takes another three years to update) that still leaves us with a new DPA law in say, 2016?
So, with three or four years left until the changes, I am advising my clients that the best way to “future proof” themselves is a solid response to the existing legislation, and the ICOs resulting guidance.
The problem with the set-up is that everyone’s ideas on privacy are different, and it is impossible to legislate for every scenario, which means the eight Data Protection Act principles have to be applied “case by case”. The principles are littered with words like “adequate”, “necessary” and “appropriate” throughout, which means that there are no “hard rules”. Essentially what is required is an understanding of the organisation itself, coupled with knowledge of the Act.
The answer therefore lies in DPA training. Professionals who understand and can apply these principles, who are aware of what the act does (and doesn’t!), can use these to achieve not only legal compliance, but often economy and efficiency for the organisation as well. After all, the Act doesn’t ask anything unreasonable e.g. statements like ‘apply “appropriate” security’, ‘get rid of things you don’t need’, ‘be fair and tell people what you intend to do’, ‘ensure your data is accurate and up to date’ and so on. These requirements are hardly unreasonable – just good business sense.
Every organisation in the UK has to comply with the DPA. So, it’s always beneficial to invest in a DPA training course. Not only will you meet other like-minded professionals and share experiences, but you will return with something of value, a motivated individual(s) who can take what they have learnt and apply it to your business.
By undertaking DPA training you or your staff can make a real business change, not just achieve legal compliance. You can make your organisation better and stronger as a result. Book you place onto the DPA Foundation training course, now online at www.itgovernance.co.uk/shop/p-525.aspx.