GDPR, DATA PROTECTION ACT 2018, FREEDOM OF INFORMATION ACT 2000 – ADAVISTA CAN GUIDE YOU THROUGH IT
HERE IS A SELECTION OF OUR FREQUENTLY ASKED QUESTIONS…
Q: DATA PROTECTION THAT DOESN’T APPLY TO ME!
A: Yes it does! You hold “personal data” on clients and customers, as well as staff.
Q: WHAT IS PERSONAL DATA?
A: There is a very broad definition in the legislation. Hereis a list of some of the most common formats held by businesses:
Mobile telephone number
NI Number/Staff number
Date of Birth
Driving Licence number
Expressions of opinion
Q: DO I NEED TO PAY THE FEE TO THE INFORMATION COMMISSIONERS OFFICE?
A: Since 2018 we have had the Data Protection Fees Regulations. If you process data electronically (any format on any device) you must pay one of the three Tier Fees. The best thing to do is to check it out with a ‘Specialist’ such as aDaVista. There are very few exemptions that apply.
Q: WHY DO SOME EXPERTS MAINTAIN THAT MANUAL DATA IS STILL NOT INCORPORATED IN THE LEGISLATION?
A: ‘Structured’ manual data has been included in the legislation since 1998. ‘Structured’ means that similar data is captured on individuals and each set of data is recorded in the same way. Now, in 2018, the majority of data is held electronically anyway, and therefore covered by the legistlation.
Q: WHAT ABOUT CCTV?
A: Your face is an identifiable feature and personal data. CCTV records this ‘personal data’, and it is included in the legislation. If it is being recorded and stored for prevention or detection of crime purposes, a notice that it is in use must be displayed.
Q: BUT SURELY I AM ONLY KEEPING PERSONAL DATA ON MY STAFF IT CANNOT POSSIBLY COVER MY CLIENT BASE DETAILS.
A: Yes it does cover customer information. A Business Card is considered all to be personal data about the individual especially if that person is a sole trader! For example, accounts information is covered because it is a record of a spending pattern, or one persons work.
Q: THIS IS BUREAUCRACY GONE MAD!
A: We at aDaVista believe the exact opposite is true. Now a legal framework exists to be used by individuals and companies to improve decision-making because it makes as much information available as possible. Obviously, some information needs to be kept confidential to ensure privacy and prevention of harm to the individual, or maintain business competition, but generally speaking, the idea is to level the playing field!
Q: WHY ADOPT THE GDPR AND HAVE A NEW ACT?
A: The Data Protection Act 1998 was based on the 1995 Directive. The GDPR and Data Protection Act 2018 bring the legislation in the UK up-to-date. Also, the new laws bring more formal structure to the rights and freedoms of individuals. It is easier for us to realise what organisations are doing with our personal information with these laws.
Q: WHAT IS THE FREEDOM OF INFORMATION ACT 2000?
A: A piece of legislation permitting access to information held by public authorities. It came into force on1st January 2005.
Q: DOES THE FREEDOM OF INFORMATION ACT APPLY TO EVERYONE?
A: No. This Act applies to non-personal data held/processed by Public Authorities.
Q: WHAT IS A “PUBLIC AUTHORITY” IN THE CONTEXT OF FREEDOM OF INFORMATION?
A: Not just Central Government; local government; public services (police etc), but also doctors; dentists; pharmacists and opticians. All in all, over 100,000 in England and Wales.
Q: THE DATA PROTECTION ACT 2018 & UK GDPR APPLY TO THE WHOLE OF THE UNITED KINGDOM – WHAT ABOUT THE FREEDOM OF INFORMATION ACT 2000?
A: The Freedom of Information Act 2000 only applies to England and Wales. Scotland and Northern Ireland have their own legislation.
A: The Information Commissioner’s Office (ICO) in England. There is a Scottish Information Commissioner for Scotland’s Act.
Q: IF THE FREEDOM OF INFORMATION ACT APPLIES TO PUBLIC AUTHORITIES, WHAT RELEVANCE IS IT TO PRIVATE ORGANISATIONS?
A: The relevance comes into play where private organisations want to work with Public Authorities – find out everything about an existing contract and who else is bidding.
Q: CAN ANYONE REQUEST ACCESS TO INFORMATION?
Q: IS ACCESS / DISCLOSURE GUARANTEED?
A: No. The public authority can withhold disclosure of information if they believe an exemption applies.It must include the exemption(s) it wants to apply. You can contest the application of an exemption.