If you are gathering personal details on your website or in business, ask yourself these questions to see if you comply with the Data Protection Act. A “YES” does not guarantee compliance, but it means you are heading in the right direction. If you don’t have one, a Privacy Policy can be found in our document shop.

• Do I really need this information about an individual? Do I know what I am going to use it for?
• Do the people whose information I hold know that I’ve got it, and are they likely to understand what it will be used for?
• If I’m asked to pass on personal information, would the people whose information I hold expect me to do this?
• Am I satisfied the information is being held securely, whether its on paper or on computer? And what about my website? Is it secure?
• Is access to personal information limited to those who absolutely need to know?
• Am I sure the personal information is accurate and up to date?
• Do I delete or destroy personal information as soon as I have no need for it?
• Have I trained my staff in their responsibilities under the Data Protection Act? Are they fulfilling them in practice?
• Do I need to notify the Information Commissioner? If so, is my notification up to date?

For more information and advice on good information handling go to : www.ico.gov.uk or phone 08456 306060