The Data Protection Act requires all businesses that handle personal information to comply with regulations regarding its collection, storage, use and security. Failure to do so could result in legal action and fines. The key requirements include safely storing identifiable individual data, only using it for its intended purpose, allowing individuals access to their data within 40 days of request, keeping it accurate and up to date, and not retaining it longer than necessary. Businesses must also implement security practices like passwords, encryption, access controls and shredding to protect personal information.

1. Data Protection Act
What you need to know

2. Data Protection Act Overview
• All information you hold regarding identifiable individuals
must be safeguarded.
• The reason behind this is that the information could be
used to identify individual's and could therefore violate
their right to privacy.
• Failure to comply with the Data Protection Act could
result in prosecution, legal action taken against your
company by the aggrieved party and all the
associated reputational damage that
this entails.

3. Does this apply to me and what do I do?
• If your business handles personal information, you
have to register as a ‘data controller’- although this
sometimes depends upon individual circumstances.
• Individuals you hold data on have the right to see
that information within 40 days of asking. Failure to
comply can result in a fine of up to 5,000 pounds.
• You must also adhere to the following key points of
the data protection act…

4. 8 Best Practices for Data Handling Part 1
• Data must be fairly and lawfully processed.
• Only use data for the specific purposes which it was
collected for.
• Individuals you hold data on have the right to see
that information within 40 days of asking.
• Keep data accurate and, if appropriate, up to date
and do not keep data longer than necessary.
• Do not hold data for longer than is necessary…

5. 8 Best Practices for Data Handling Part 2
• Process all data in line with the rights of the
individual and correct factually incorrect data when
requested.
• Kept all data secure by ensuring adequate protection
is in place and do not disclose to other parties
without the consent of the individual whom it is
about.
• Do not transfer data to countries outside the
European Economic Area unless you can guarantee
that the information is adequately protected.

6. Additional Security Tips
• Keep passwords secure- never share them and be
sure to change them on a regular basis.
• Use anti-virus software and beware of suspicious e-
mail attachments.
• Encrypt personal information that is being taken out
of the office.
• Remember to delete personal information that you
no longer need.

7. Additional Security Tips Part 2
• Ensure you ‘log off’ or ‘lock’ any computers whilst
you are away from your desk.
• Shred any paper with personal information on.
• Keep backs-ups of key data where appropriate.
• Finally…remember to safeguard data held on paper
as you would electronic data.

8. Evolve with Rev Marketing
If you would like to find out more about making
your marketing activities work as hard as
possible for you,
visit www.RevMarketing.co.uk today to start
your journey to a more evolved marketing
approach.