Data Protection


BREXIT Update: At this moment in time and into the forseable future, EU Data Protection Laws still apply to all UK businesses and the upcoming changes regarding the General Data Protection Regulations (GDPR) will also apply.

 

More information can be found here:-
http://www.british-assessment.co.uk/guides/european-data-protection-law-reform-explained/

 

Current Act:

The Data Protection Act of 1998 was brought into force on March 1st 2000. Introduced to give UK citizens the right to access personal information held by ‘data controllers’ (any individual within an organisation handling personal data) within the United Kingdom, the Data Protection Act also details principles concerning the way in which sensitive data is managed.


The Data Protection Act Principles


1: Personal data shall be processed fairly and lawfully.


2: Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.


3: Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.


4: Personal data shall be accurate and, where necessary, kept up to date.


5: Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.


6: Personal data shall be processed in accordance with the rights of data subjects under this Act.


7: Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.


8: Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.


What does this mean in terms of File Transfer?


In terms of "File Transfer", it is the seventh principle outlined within the Data Protection Act, that is applicable to the implementation of secure file transfer provisions.
This states that;

Having regard to the state of technological development and the cost of implementing any measures, the measures must ensure a level of security appropriate to
(a) the harm that might result from such unauthorised or unlawful processing or accidental loss, destruction or damage as are mentioned in the seventh principle, and
(b) the nature of the data to be protected.


Summary


All businesses and organisations governed by the UK law, must ensure that adequate measures are in place regarding the transfer/storage of personal or sensitive data. Data security goes beyond just personal data and it is now good business practice to send information in general using a more secure method than email and attachments.


Why Data Send UK?


- Affordable cost effective solution - no long term contract required
- Our servers are located only in the EU
- All transfers are made using SSL encryption as standard
- Data is stored in an encrypted format
- Password protection option available to protect the download links in the notification emails
- We do not store any data longer than is necessary (i.e. 7 days)
- Registered with the Information Commissioners Office (ICO) as data controllers.


Purchase an account today