I have just been reading the Information Commissioner’s Annual Report 2009/10, and thought I’d summarise a few of the key statistics that really matter.
- 91% of people are aware of their right to see information held about them.How would your organisation deal with a subject access request? Do you have a process in place to ensure you meet the requirements of the Sixth Principle of the DPA?
- 94% of people are concerned about the protection of their personal information.How does your organisation demonstrate to its customers that it takes the security of their personal information seriously?
- 1,055 organisations have signed the Personal Information Promise.Out of almost 46,000 registered data contollers, this is a drop in the ocean.
- 30% increase in requests for advice and complaints than the previous year.This trend looks set to continue as awareness of rights, and fear of identity theft, continue to rise.
- 40% (32,714) more data protection cases closed than the previous year.This shows that the ICO has become more efficient and better equipped to respond to complaints and are taking their new powers seriously.
- 28% (and the most common) of complaints were relating to subject access.As people’s awareness of their rights under the DPA increase, businesses are failing to keep up, and are failing to meet their subject access obligations.
The report goes on to highlight that the ICO issued 15 enforcement notices during the year (and names the organisation they were issued to); 16 on-site compliance audits were conducted; 57 undertakings were obtained during the year and 7 bodies (a mix of individuals and organisations) were successfully prosecuted for failing to notify as a data controller with the ICO.
With the maximum penalty for breaches of data protection principles at £500,000, you can no longer afford to ignore your DPA compliance obligations!
If you want a DIY solution you should use the Complete Data Protection Toolkit:
The first thing you need to do is identify your current level of conformance. The DPA Compliance Assessment Tool will help you do this. It provides recommendations and offers guidance to help you close any gaps that are identified.
Once you have identified exactly what you need to do in order to become fully compliant with the DPA, you will find the DPA Compliance Documentation Toolkit invaluable. It includes all the documentation templates, which are fully customisable, that are essential for any data controller seeking compliance with the UK Data Protection Act 1998.
The Assessment Tool and the Documentation Toolkit will enable your organisation to become fully compliant with the DPA, and to make the process easier and provide supporting guidance, we have bundled them together with two essential pocket guides to create this Complete Data Protection Toolkit.
Comply with the DPA — Save Time — Save Money — Avoid Reputation Damage!