Data Protection Act Registration

The Data Protection Act protects individuals and their personal information. But what if you are the business or the organization? What responsibilities do you have under the Data Protection Act? First if you are a data controller you need to register with the Information Commissioner’s Office (ICO). Failure of registration is a criminal offense and punishable. A data controller is an individual or organization that collects, stores, and processes any personal data.

If a company or business stores or obtains personal data about their customers, they must register with the Information Commissioner’s Office. This act of registration is called “notification” It is relatively easy and the fee to do so lasts two years and is nominal. If registration is not done, than the organization is not conforming to the Data Protection Act.

There are exemptions to registering with the ICO. If a data controller is ONLY processing information about their employees, administration, and accounting for their business purposes. , they may not have to register.

The Data Protection Act has eight basic principles that must be adhered to.

*FAIRLY AND LAWFULLY PROCESSED *PROCESSED FOR SPECIFIED PURPOSE *ADEQUATE AND KEPT UP TO DATE *NOT KEPT FOR LONGER THAN IS NECESSARY *PROCESSED IN LINE WITH THE RIGHTS OF THE INDIVIDUAL *SECURE *NOT TRANSFERRED TO COUNTRIES WITHOUT ADEQUATE PROTECITON

The ICO makes sure that organizations that are processing personal data are all following these rules and regulations. A data controller has three ways to register with the ICO. First they can go to there website and fill in an application form there. Second they could register by phone. Third they may request a form and mail it in.

Personal data consists of any information that could be used to identify and living individual. Names, Addresses, phone numbers, etc. are all examples of personal data. Individuals are allowed to obtain this information from organizations. They may request a copy of the data that a business has stored on them. There is a small fee most of the time and of course the individual would need to verify their identity. Most of the time the businesses store this personal data on computers but sometimes the data is stored in manual files and may take longer to obtain.

Any data controller must register and comply with the Data Protection Act. The Information Commissioner’s Office demands this. If a business does not register, there may be financial loss to the business and perhaps even a business reputation would be ruined. So to avoid all these mishaps, a data controller should always check with the Information Commissioner’s Office to make sure they know if they need to register with them or not.