Warning: Use of undefined constant includes - assumed 'includes' (this will throw an Error in a future version of PHP) in /homepages/14/d377707900/htdocs/tvpe.com/wp-content/themes/targetpro/functions.php on line 322
Transfer of Personal Data – How to avoid Penalties & unwanted Publicity…
Call On: 0845 5442755

Transfer of Personal Data – How to avoid Penalties & unwanted Publicity…

 

…which both ultimately lead to loss of reputation!

Principle 8 of the Data Protection Act 1998 “Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.”

This is the UK law that applies to whether a transfer of personal data, information that can identify an individual, can legally take place.

Personal data can only be transferred within the EEA, or to a country subject to a ‘finding of adequacy’ or if they have signed up to the Safe Harbor Scheme (more on that later).  Otherwise, you will need to assess whether the transfer will provide an adequate level of protection “for the rights and freedoms of data subjects in relation to the processing of personal data”

For the most part the Data Protection Act does not stop this activity, it merely forces an appropriate decision making process.  These are some of the elements that you will need to consider, when making your decision:

  1. does the information being transferred fall under the definition of ‘personal data”as laid out within the law?
  2. has the data been collected and processed in accordance with the law?
  3. if the transfer is not within the EEA, or to a country subject to a ‘finding of adequacy’ or if they have signed up to the Safe Harbor Scheme, can an assessment be carried out for an adequate level of protection?
  4. if adequacy cannot be established, can other adequate safeguards be put in place?

This may seem a little daunting, but really, it serves as a protection for you, your business and the trust of your clients.  It dictates a best practice led approach to ensure that you remain within the law when dealing with information about people.

So, to avoid penaltiesprevent unwanted publicity and loss of reputation keep in mind what I have mentioned here and if you are in doubt or need help, check out my series of blogs over the next week, or contact me.

Yours in staying within the law!

SarahSigNoKisses-sm

Social tagging: > > > > >

Leave a Reply