UK's Personal Information Promise

The UK's ICO Commissioner, Richard Thomas, spoke clearly about the need to protect data:
Data protection is good for business [...] Organisations are waking up to the fact that privacy is now so significant that lapses risk reputations and bottom lines [...] Protecting people’s personal details should not be left to chance. I urge all CEOs and their executive teams to take personal responsibility for treating data protection as a corporate governance issue affecting the whole organisation. They have to make sure that safeguarding the personal information of the customers and staff is embedded in their organisational culture.
Src: ICO Press Release
In the UK, the Information Commissioner’s Office (ICO) is "independent authority set up to promote access to official information and to protect personal information." Src:

As of today, over twenty organizations have signed the 10-point Personal Information Promise which states that organizations will:

1. value the personal information entrusted to us and make sure we respect that trust;
2. go further than just the letter of the law when it comes to handling personal information, and adopt good practice standards;
3. consider and address the privacy risks first when we are planning to use or hold personal information in new ways, such as when introducing new systems;
4. be open with individuals about how we use their information and who we give it to;
5. make it easy for individuals to access and correct their personal information;
6. keep personal information to the minimum necessary and delete it when we no longer need it;
7. have effective safeguards in place to make sure personal information is kept securely and does not fall into the wrong hands;
8. provide training to staff who handle personal information and treat it as a disciplinary matter if they misuse or don't look after personal information properly;
9. put appropriate financial and human resources into looking after personal information to make sure we can live up to our promises; and
10. regularly check that we are living up to our promises and report on how we are doing.

Src: Personal Information Promise |

No comments: