The Data Protection Act of 1998 was brought into force on March 1st 2000. Introduced to give UK citizens the right to access personal information held by ‘data controllers’ (any individual within an organisation handling personal data) within the United Kingdom, the Data Protection Act also details principles concerning the way in which this sensitive data is managed.
There are eight core principles covered under the Data Protection Act. These are as follows:
- Personal data should be processed fairly and lawfully.
- Data should only be obtained for specified purposes and should not be further processed in a manner incompatible with these purposes.
- Personal data should be adequate relevant and not excessive in relation to the purposes for which they were collected.
- Personal data should be accurate and where necessary kept up to date.
- Personal data should not be kept longer than is needed for its intended purpose.
- Personal data should be processed in accordance with the rights of the individual, which the information concerns.
- Appropriate measures should be taken against unauthorised or unlawful processing or destruction of personal data.
- Personal data should not be transferred outside the European Economic Area (the EU states plus Liechtenstein, Iceland and Norway).
The principle outlined within the Data Protection Act, applicable to the implementation of secure file transfer provisions is the seventh principle. This states that;
“Having regard to the state of technological development and the cost of implementing any measures, the measures MUST ensure a level of security appropriate to – the harm that might result from such unauthorised or unlawful processing or accidental loss, destruction or damage as are mentioned in the seventh principle AND the nature of the data protected.”
Therefore all organisations, as governed by UK law, must ensure that adequate safeguards are in place regarding the storage and processing of personal data.
Our specialists at Pro2col can help you to source and implement a secure file transfer solution to suit your business requirements and align the processing of data, in accordance with The Data Protection Act. Please contact us on 0333 123 1240 for more information.