The Data Protection Act (DPA) is a United Kingdom Act of Parliament which was passed in 1988. It was developed to control how personal or customer information is used by organisations or government bodies. It protects people and lays down rules about how data about people can be used.
The DPA also applies to information or data stored on a computer or an organised paper filing system about living people. Organisations that do not adhere to the rules set out by DPA risk prosecution by the Information Commissioner’s Office (ICO) where fines can reach up to £500,000 and even imprisonment.
The Data Protection Act was replaced in May 2018 by the General Data Protection Regulations (GDPR).
How can you successfully meet data regulation standards?
Ensuring you have the right technology, processes and people in place to handle the quality of the data that you hold was a key part of thriving under the DPA (and now the GDPR). Important activities you should consider include:
- Regular evaluation of the quality of the data that you hold and are continuing to collect. Contact Data Validation and Data Cleansing are good ways of doing this.
- Ensuring you have the right roles and responsibilities set out for your data’s management including the focal point of a Data Protection Officer.
- Analysis and profiling of your data to identify any potential gaps or issues that could cause problems to arise.