padlock

Updated: ICO offers advice to businesses handling data

Government watchdog to release handbook for dealing with data

Written by David Neal

IT Week, 11 Dec 2007

The Information Commissioners Office has called for firms to consider the privacy of individuals before installing, or developing new IT systems.

At a conference in Manchester the organisation, the UK government's data watchdog, described last month's data losses at HMRC as a watershed moment in privacy, and added that in order to reduce the risk of similar incidents firms should implement safeguards to protect data. To support this it has launched a guide to help firms better manage data, and also, to give individuals more confidence in their ability to protect privacy. This is called the Privacy Impact Assessment handbook.

The handbook is designed to suit all organizations, regardless of their size, and thus is quite lengthy. However, it is broken down into relevant areas, and suggests that firms only carry out an assessment if they are implementing tools and systems that have an impact on the privacy of individuals. It adds. "While it is necessary to ensure compliance with privacy laws, there is no obligation to undertake a PIA."

It suggests that firms take a PIA to ensure that they avoid the loss of trust and reputation, to identify and manage risks, to avoid later costs, and to help meet, and exceed their legal requirements. Company directors and senior executives are warned that ultimately they are responsible for ensuring that risks are identified, assessed and managed.

With pushes for stronger legislation happening almost constantly, firms would be advised to carry out such an assessment, if only to ensure their partners, and customers, that their data was looked after in an appropriate manner.

The handbook contains a list of questions for firms to consider, starting with, "Does the project involve new, or inherently privacy-intensive, technologies?" The ICO suggests that these would include smart cards, biometrics, RFID tags, data mining, and the logging of electronic traffic. It then asks, whether the privacy implications of these are well understood by the business, and indeed the public.

Further questions are designed to help firms get a better understanding of their system and its implications on privacy, and data protection. Where firms handle a lot of data, so they should pay more attention to their systems, and their compliance with relevant regulations.

Enjoyed this article? Help spread the word:

Comments

Reader comments for this story
Post your comment Post your comment   What is this?

Also read

Related articles

White papers

Related jobs

Most read

Most commented

Special Reports

Latest

Spotlight

Richard Solomons, FD of Intercontinental Hotel Group

Profile: Richard Solomons, FD of InterContinental Hotel Group

Richard Solomons is masterminding Intercontinental Hotel Group's strategy of ownership,...

PwC 10-year anniversary special report

Relive how the controversial mega-merger of Price Waterhouse and Coopers...

Make partner fast with YP

The latest edition of Young Professional features our definitive guide...

Find your next job

Find your next job
Solve your clients debt problem with a ClearDebt IVA
Salary Checker

Newsletters

Sign up here for the very latest news delivered to your inbox. Choose from the following options:

Search white papers

Search white papers

Have your say

THE BIG QUESTION: IS FAIR VALUE REALLY FAIR?
Fair value accounting has attracted a lot of criticism, but is it actually fair?
Yes, it's better than any other method available.
No, it's caused too much trouble. Get rid.
It's promising but could work better with modifications.

Job of the week

More finance jobs...

Your next job