An opportunity to take stock of your data

This month we are relaunching our corporate blog. We have launched our corporate blog to discuss developments in the private security industry and to provide further insight and opinion on our work.

To kick-start our blog again, our Chair, Elizabeth France, is talking about the upcoming changes to data protection law and opportunity this gives the private security industry.

We hope you will engage in an on-going discussion with us; provide comments and share your opinions.

 __________

Tomorrow (Friday 25 May), the General Data Protection Regulation (GDPR) comes into force; it is the first time in 20 years that this legislation has been updated. The principles will be familiar to those of you who were complying with the 1998 Act but it recognises the increased damage which can be done, with the changes in technology, when personal information is not processed as it should be.

You all have your personal data processed by others. If we are processing information about you then I want you to have confidence that we are doing so in accordance with the law. We have been working hard to make the changes necessary to ensure you know what we do with your information. We are ready to deal with any requests for that information (the time scales for meeting individual subject access requests are tighter under the new law), we have provided training for all our staff and we have appointed a Data Protection Officer, whose details are on our website.

If you process information about individuals, perhaps as a security industry employer, what have you done? If you are a small business the changes you have to make may not be huge If you were complying fully with the 1998 Act. What should you do? My suggestion would be that you go to the Information Commissioner’s website www.ico.org.uk) and start by looking at the helpful guidance: Preparing for the GDPR: 12 steps to take now.

Have you got a lawful basis for processing the personal data you hold? Who in your organisation is responsible for your compliance? Did you know that fines for breaches can now be up to 20,000,000 Euros or 4% of turnover?

Data protection rules can sometimes be used as an excuse for not thinking about how we manage information; it is easier to say we cannot share for example, than to consider how we might do so lawfully. This is an opportunity for us all to take stock. To think about what we hold and why we need to keep it, to make sure we have told those whose information we collect just what we are doing with it.

If you have queries or concerns about the way we are processing personal data, please let us know and our privacy notice is available here for your use. As a Regulator we are well aware that there are many of you who have to give us the information we ask for; you have no choice. That places a particular obligation on us to earn your confidence, and to show not just compliance with the letter of the law but a respect for the information you entrust to us.

Advertisements

Author: Security Industry Authority (SIA UK) Blog

The Security Industry Authority (SIA) is the organisation responsible for regulating the private security industry in the UK. This blog aims to give a deeper insight into the Private Security Industry within the UK.

One thought on “An opportunity to take stock of your data”

  1. the CCTV PSS training course discusses in depth about DPA but as yet has not been changed to reflect the GDPR when is the contents of the course going to be changed to reflect this?

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s