DATA PROTECTION ACT 1998 - COMPLIANCE OBLIGATIONS - FREE WEBINAR

29 MAY 2008 15:00 BST

REGISTER 

('Upcoming' Tab - then click on 'Data Potection Act Compliance' and provide required registration details) 

The Data Protection Act and its enforcement provisions are changing - Are you ready? 

• • What are your Data Protection Act compliance obligations?
  • How can you ensure you meet them?
  • What are the personal and corporate penalties for failure?

Data Protection Act (DPA) compliance has been in the UK news a lot over the last few months - following a series of well-publicised breaches of personal information security at organisations like HMRC, the Nationwide Building Society and others, the Information Commissioner has been pushing even harder for a greater deal of compulsion to bring about wide-ranging compliance with the provisions of this legislation.

The DPA requires data controllers to take appropriate security measures to protect personal data and deploy technical and organisational standards that are appropriate in all relevant circumstances. The Information Commissioner’s Office (ICO) has powers to challenge organisations that fail to comply with the DPA. The ICO usually issues an enforcement notice when it becomes aware that an organisation has seriously breached the DPA.

Companies with household names (eg Marks & Spencer) and public sector organisations (eg Humberside, Northumbria, Staffordshire and West Midlands Police) have been found to be in breach of the DPA and issued with enforcement notices. Section 55 of the DPA identifies specific criminal offences in relation to breaches of the act and gives the ICO powers to take criminal action against individuals.

In May 2008, the UK Criminal Justice & Immigration Act was amended just before it received Royal Assent, and a regime of substantial financial penalties has been created in respect of any "data controller who breaches the act if the ICO is satisified that the offence was deliberate or that the data controller knew, or ought to have known, of the contravention risk, and failed to take reasonable steps to prevent the breach." In effect, this act amends and updates the DPA.

JOIN THIS FREE WEBINAR, on 29 MAY 2008, to find out just what the current situation is and to identify the steps that your organisation needs to take - and the tools that you can deploy - to ensure your compliance with the amending legislation.