The Data Protection Act is the main piece of legislation that governs the protection of data in the UK. Any business that stores ‘personal data’ (meaning data that can identify an individual), is subject to the Act. Personal data can be as simple as a name, address or date of birth.
Implications on your Business
Even if your customer records only contain basic information, or if you have compiled a marketing list with names and email addresses, you have certain duties under the Act. See further information from the Information Commissioners Office
If you are a ‘Service Provider’, any personal data breach, including loss of, or unauthorised access, must be notified to the Information Commissioners Office within 24 hours of discovery. Failure to do so can result in a fine. If the breach is likely to affect personal data or privacy, you must also notify those affected. See further information from the Information Commissioners Office
Here at McGrady Insurance, we understand your concerns in terms of changing technologies. Get in touch to carry out a review of your cyber exposure and enable us to present a solution to suit your business needs and requirements.