Data Shred Ltd - Secure Data Protection Systems for Business Datashred Ltd Get a Quote
you are here >> Home > Data Protection > Compliance Checklist

Compliance Checklist - Data Protection Act 1998

  • Is the information I hold on an individual necessary and do I know my purpose for holding such data?
  • Do the individuals concerned know that I hold information on them and the purpose for holding the data?
  • Am I allowed to pass on information on an individual and are my staff aware of under what circumstances they can pass on data?
  • Is the data stored on individuals stored securely?
  • Is the data stored on individuals accurate and current and accessed by those on a “need to know basis”?
  • Is the data stored on individuals deleted or destroyed as soon as it becomes obsolete - is there a process for secure shredding of confidential data?
  • Do I have notices alerting people that I have CCTV - are the cameras correctly located and do not infringe on people's privacy?
  • Has my staff received training to ensure the 8 principles of the Data Protection Act 1998 are adhered to?
  • If my staff's email, internet, or phone use is being monitored have they been made aware of this?
  • Do I have a Data Protection/information security policy and procedures manual set up to handle any issues that may arise?  Have I retained my Certificates of Destruction?
  • If I do need to notify the Information Commissioner - is the information held up to date?