Statement of Policy
Archive Management Systems Limited (AMS) complies fully with The GDPR forms part of the data protection regime in the UK, together with the new Data Protection Act 2018 (DPA 2018). The main provisions of this apply, like the GDPR, from 25 May 2018.and other relevant legislation relating to such documents.
Guide to the Data Protection Act 1998
This document provides an overview of Data Protection Act 2018 (DPA 2018) and general guidance on compliance for AMS staff. It does not and could not cover every situation in the day to day working of AMS but states the principles that staff should adhere to. The Data Protection Act 2018 (DPA 2018) regulates how personal data (information held about living individuals) may be collected, held and disclosed. The Act sets standards that must be satisfied when obtaining, recording, holding, using or disposing of personal data.
Why does AMS need to comply?
Some of the breaches of the Act are criminal offences and in some circumstances the directors or other officers of a company in breach may also be personally liable. Criminal offences include:
These are committed where processing is being undertaken by a data controller who has not notified the Information Commissioner either of the processing being undertaken or of any changes that have been made to that processing. Failure to notify is a strict liability offence.
Obtaining and Disclosing Offences.
It is an offence to knowingly or recklessly obtain or disclose personal information without the consent of the data controller. This covers unauthorised access to and disclosure of personal information. If a person has obtained personal data illegally it is an offence to offer to sell or to sell personal data. It has been noted that individuals within the UK are becoming more aware of their rights under the Act and are therefore more likely than ever to exercise those rights. Also business competitors have been known to complain to the Information Commissioner when they know their rivals are not complying with the Act.
The administrative costs of dealing with subject access requests and complaints (which may also result in an investigation by the Information Commissioner) can be high. Therefore requests need to be dealt with promptly and efficiently and grounds for complaints avoided. The Information Commissions will also publicise upheld complaints and any successful prosecutions, which wouldn’t be helpful to AMS or its reputation.
If you would like to view our Data Protection policy in full, please contact us and we will arrange for a copy to be sent to you.