Data protection is good for business

"The fact that most businesses do not consider data protection compliance a major effort is a real step towards our aim of integrating data protection into everyday information handling practices across the UK," said Assistant Commissioner Jonathan Bamford.

Data protection laws require businesses that process personal information to comply with the eight principles of data protection – which include making sure that staff and customer records are stored securely, used for the right reasons and always correct and up to date. Most firms are also required to notify the Commissioner's Office.

The research, carried out by the University of Lincoln, sampled the attitude of 250 small businesses to data protection in the UK. The findings revealed that 80% of businesses thought that data protection was relevant to them, agreeing "absolutely" that personal information should be protected and that the principles of data protection are a "good thing".

The survey also found that:

• 99% have heard of the Data Protection Act (DPA);
• 52% find compliance quite easy and 24% consider compliance very easy;
• 77% agree that data protection is important to their business;
• 91% believe that security of data and information is important to their business operations;
• 91% agree that privacy and confidentiality are important to their clients and business operations; and
• but only 42% had actually notified the ICO that they hold personal information

"Small businesses have a mind-boggling array of legislation to comply with and we're trying to cut out the jargon so people know what they should and shouldn't be keeping on file," said Bamford. "The DPA is not in place to hinder business, following its standards not only protects customers and employees but also helps a business to be more effective"