This guidance will help you to understand the importance of encryption as an appropriate technical measure to protect the personal data you hold. Whether you are a controller or a processor, encryption is a technique that you can use to protect personal data. The guidance outlines the concept of encryption in the context of the […]
UK DPA 1998
This code is intended to help employers comply with the Data Protection Act and to encourage them to adopt good practice. The code aims to strike a balance between the legitimate expectations of workers that personal information about them will be handled properly and the legitimate interests of employers in deciding how best, within the law, […]
Organisations are increasingly looking to record staff telephone calls, whether in response to specific regulatory requirements or for their own particular business needs. This eBook explores the implications of the GDPR for this type of call recording.
This code provides good practice advice for those involved in operating CCTV and other surveillance camera devices that view or record individuals, and covers other information that relates to individuals, for example vehicle registration marks captured by ANPR equipment. This code uses the terms ‘surveillance system(s)’, ‘CCTV’ and ‘information’ throughout for ease of reference. Information […]
This code explains how the Data Protection Act 1998 (the DPA) applies to the collection and use of personal data online. It also provides good practice advice for organisations that do business online and are therefore subject to the DPA. The code covers the collection and use of personal data online, whether it is collected […]
This is a guide to following the requirements of the Data Protection Act 1998 (the Act). The Act aims to promote high standards in the handling of personal information and so protect the individual’s right to privacy. The Act applies to firms holding information about living individuals in electronic format and, in some cases, on paper. […]
This code of practice explains the rights of individuals to access their personal data. It also clarifies what you must do in this regard to comply with your duties as a data controller. These rights and duties are set out in sections 7–9A of the Data Protection Act 1998 (DPA) and are often referred to […]