Data Protection Act - What is the Data Protection Act?
The Data Protection Act of 1998 is the UK law that governs the processing and handling of personal information
Keep your data stored safely in the cloud. Try Debitoor online invoicing software free for 7 days.
The act refers specifically to any data that is gathered and/or stored regarding specific individuals. If data can be linked to the identity of a particular person, the guidelines for handling that information falls under this act. Any data that is collected anonymously is not included.
The Data Protection Act and your business
As an entrepreneur or small business owner, if your company processes data relating to other individuals, it is important that your handling of this personal information complies with the Data Protection Act (DPA).
Information that falls under this act involves any data concerning an individual: be it an employee or a customer. Essentially, the act provides guidelines for what kind of information can be gathered, how it should be handled, and how long it can be kept.
The DPA requires openness about the use of information as well as follow certain principles for processing that information. The Act also provides individuals with certain rights, including the right of subject access.
Data Protection Act Principles
The DPA provides 8 principles to follow when it comes to the handling of personal data. While the Act can perhaps seem slightly intimidating, by adhering to these principles and using common sense as well will result in the appropriate collection, usage, and storage of any data under your supervision.
The DPA requires that all data:
- Be processed fairly and lawfully
- Be processed only for one or more specified and lawful purpose
- Is adequate, relevant and not excessive for the intended purposes
- Is accurate and up-to-date – individuals have the right to have inaccurate personal data corrected or destroyed
- Is kept for no longer than necessary
- Be processed in line with the rights of the individuals
- Is secured against accidental loss, destruction or damage against unauthorised or unlawful processing
- Is not transferred to countries outside the EU
It is very important to ensure that you take steps to keep all records safe and secure, whether they are hard copies or digital, and whether you are working from home or office based.
Data Protection Act and Debitoor
Cloud-based accounting and invoicing software like Debitoor strictly adheres to the DPA principles both regarding the data of our users, as well as the data stored in their accounts. Read more about security as a Debitoor user.
As a freelancer or small business owner, you can also include a reminder to your customers regarding the DPA and adherence to the above principles within your communication, such as on an invoice or quote.