Data Protection Policy
Statement of Policy
Archive Management Systems Limited (AMS) complies fully with the Data Protection Act 1998 and other relevant legislation relating to such documents.
Guide to the Data Protection Act 1998
This document provides an overview of the data Protection Act 1998 and general guidance on compliance for AMS staff. It does not and could not cover every situation in the day to day working of AMS but states the principles that staff should adhere to. In 1995 the Data Protection Directive (95/46/EC) directive was adopted by the European Commission to promote personal privacy rights and to harmonise the data protection laws of the EU member states. As a result of this directive the UK passed the Data Protection Act 1998. The Data Protection Act 1998 regulates how personal data (information held about living individuals) may be collected, held and disclosed. The Act sets standards that must be satisfied when obtaining, recording, holding, using or disposing of personal data.
Why does AMS need to comply?
Some of the breaches of the Act are criminal offences and in some circumstances the directors or other officers of a company in breach may also be personally liable. Criminal offences include:
These are committed where processing is being undertaken by a data controller who has not notified the Information Commissioner either of the processing being undertaken or of any changes that have been made to that processing. Failure to notify is a strict liability offence.
Obtaining and Disclosing Offences.
It is an offence to knowingly or recklessly obtain or disclose personal information without the consent of the data controller. This covers unauthorised access to and disclosure of personal information. If a person has obtained personal data illegally it is an offence to offer to sell or to sell personal data. It has been noted that individuals within the UK are becoming more aware of their rights under the Act and are therefore more likely than ever to exercise those rights. Also business competitors have been known to complain to the Information Commissioner when they know their rivals are not complying with the Act.
The administrative costs of dealing with subject access requests and complaints (which may also result in an investigation by the Information Commissioner) can be high. Therefore requests need to be dealt with promptly and efficiently and grounds for complaints avoided. The Information Commissions will also publicise upheld complaints and any successful prosecutions, which wouldn’t be helpful to AMS or its reputation.
If you would like to view our Data Protection policy in full, please contact us and we will arrange for a copy to be sent to you.
If you would like a free, no obligation quote for any of our Records Management services, call us today on 0800 783 7079, or follow the link below to fill out our contact form.Contact Us