"The fact that most businesses do not consider data protection compliance a major effort is a real step towards our aim of integrating data protection into everyday information handling practices across the UK," said Assistant Commissioner Jonathan Bamford.
Data protection laws require businesses that process personal information to comply with the eight principles of data protection – which include making sure that staff and customer records are stored securely, used for the right reasons and always correct and up to date. Most firms are also required to notify the Commissioner's Office.
The research, carried out by the University of Lincoln, sampled the attitude of 250 small businesses to data protection in the UK. The findings revealed that 80% of businesses thought that data protection was relevant to them, agreeing "absolutely" that personal information should be protected and that the principles of data protection are a "good thing".
The survey also found that:
"Small businesses have a mind-boggling array of legislation to comply with and we're trying to cut out the jargon so people know what they should and shouldn't be keeping on file," said Bamford. "The DPA is not in place to hinder business, following its standards not only protects customers and employees but also helps a business to be more effective"