News on 3 March
Data Protection Act a mystery to UK businesses

The UK's stringent data protection laws went into force yesterday - but less than one-quarter of UK companies have even heard of them.

A survey by security companies Content Technologies and CenturyCom found that on the eve of enforcement, only eight per cent of UK blue-chip firms had made the necessary preparations.

From now on, under the terms of the 1998 Data Protection Act, it is an offence for companies to distribute personal details of their employees or staff outside the EU, without explicit written consent. The laws are intended to protect personal data against sale to third parties, but they pose problems for companies with a multi-national payroll.

Chris Heslop, marketing director at Content Technologies, said: "There's very little awareness of how electronic information is moved around in an organisation, particularly email which is both spontaneous and permanent. Companies need to establish content policies that can be enforced, to monitor the flow of information in and out of a company," he commented.

The laws bring UK companies into line with an EU data protection directive. They particularly affect European companies trading with the US, where infringement of personal data is not a criminal offence.

The UK Data Protection Registrar will only enforce the new laws following specific consumer complaints, so businesses still have time to set up an all-encompassing content policy.

Anna Lagerkvist

 

Tell someone about this!

Back to front page Back to news overview Next news story