Data Protection Summary: Taking care of personal data

If your role involves handling personal data related to customers, staff or any other business contacts, please ensure you understand your legal obligations under the Data Protection Act and ask yourself the following questions:

  • Do I really need this information about an individual?

  • Do I know what I’m going to use it for?

  • Do the people whose information I hold know that I’ve got it? Are they likely to understand what it will be used for?

  • Am I satisfied the information is being held securely, whether it’s on paper or on computer? And what about my computer/laptop/tablet/smartphone; is it secure?

  • Am I sure the personal information is accurate and up to date?

  • Do I delete/destroy personal information as soon as I have no more need for it?

  • Is access to personal information limited only to those who need it?

  • If I want to put staff details on our website, have I consulted with them about this?

  • If I want to monitor staff, for example by checking their use of email, have I told them about this and explained why?

  • Have I trained my staff in their duties and responsibilities under the Act, and are they putting them into practice?

  • If I’m asked to pass on personal information, am I and my staff clear on when I am allowed to do so?

  • Would I know what to do if one of my employees or individual customers asks for a copy of information I hold about them?

  • If I use CCTV, is it covered by the Act? If so, am I displaying notices telling people why I have CCTV?

  • Are the cameras in the right place, or do they intrude on anyone’s privacy?

  • Do I know who is the appointed Data Protection Officer for my business unit?

  • What is the policy for dealing with data protection issues?

  • Do I need to notify the Information Commissioner about an incident or event?


If you have any concerns about the security of personal data, or the measures you can take to protect personal data, please contact your manager or Data Protection Officer immediately.

Information Commissioner’s Office: IT Central Services.

To download this paper, complete the form below:

Resource Download Form


Want to find out more?

Contact Us
© Searoc. All rights reserved. | Privacy Policy
Bearfourteen & Nexmedia