Nowadays, it can feel as though we live most of our lives online. We talk to and make plans with our friends and family through social media, such as Facebook. We communicate with our bosses and colleagues via email. Our daily lives are publicised on image sharing apps like Instagram. We have the option of publishing our stream of consciousness on Twitter. But it’s important to remember that our online presence goes beyond the social. It also ventures into the financial. Many of us do the majority of our shopping online. The weekly food shop is made simple with the option of online shopping. Our food and drinks are chosen online, collected by a staff member and delivered to our doors. All we need to do is put it in our cupboards and consume it. Clothes can be purchased brand new from retailers or second hand through eBay, Etsy and depop. You can even go as far as ordering pets online, to be safely delivered to your home. So with our financial details being entered into online sites so frequently, we cannot emphasise the importance of keeping our details and others’ details safe online. Let us show you how.
The Data Protection Act is one of the most useful ways to ensure that personal information and data is kept private. It is important for employers to adhere to it and for customers and clients to understand their rights under it. Here we’ll go through some of the basics. However, it is a complex law, and you will benefit from researching further yourself.
Data Protection Act
The Data Protection Act (or DPA) was introduced in 1998, with the exact purpose of keeping our personal details private. It is an Act of Parliament, which focuses on UK law regarding the processing of data of identifiable, living people. It is a much-needed tool for individuals to control information about themselves.
What Is Personal Data?
Personal data is any data that can be used to identify a living person. This can include names, addresses, email addresses and personal phone numbers.
What Does the Act Apply To?
The act applies to any data that is stored or due to be stored in relevant filing systems or computers.
What Rights Does the Act Give to People?
If you have your data stored, the act ensures that you have a right to view the data that an agency has a hold of. It is important to remember that this often involves a fee. At the moment, maximum fees apply. These are £2 for credit reference agencies, £50 for health and educational data and £10 for anything else.
If the data stored is incorrect, an individual has the right to request that it is changed. If the company fails to carry this out, the individual can receive compensation.
An individual can request that their personal data isn’t passed on for marketing purposes.
An individual can request that their data isn’t used in any way that can cause them personal harm or distress.
How To Keep Your Personal Information Safe Online
If you provide your details to a company, it is their job to keep it safe. However, you can take extra precautions to protect yourself from identity fraud or misuse of information.
If someone online (be it a person or website) is asking for your personal information, ask yourself a few questions before providing. Who is asking for your information? Are they genuinely who they claim to be? What will they be using it for? Is this something you are happy with? Is it necessary to provide these details? What are the potential consequences for you if the information is misused? Most of this is common sense; however, scammers are becoming increasingly clever in their ways. It’s always better to be safe than sorry. Never give your information to anyone if you have the slightest doubt in their genuinity or intentions.
Most social networking sites and email accounts will require you to create a password to log in. Try your hardest to ensure that this password isn’t something that somebody else (a strange or someone you know) can guess. Avoid commonly used passwords (such as “password”) and keyboard sequences (for example, “qwerty”). Also avoid easily guessable words, such as your child’s name, partner’s name or pet’s name. When choosing security questions, pick ones whose answers aren’t common knowledge. For example, your mother’s maiden name.
If you are a fairly open person when it comes to social networking, we suggest changing the privacy settings on your page. This means you can post all you like, but only select people will be able to view your page’s content. This advice also applies to personal blogs. Most blogging platforms offer you the option of making your pages password protected.
If it sounds too good to be true, it probably is
If you receive an email saying that you’ve won a vast sum of money, or if you receive a message from a “solicitor” claiming that a never-heard-of and vastly rich relative has left you a lump sum of money in his or her will, it probably is too good to be true. Always verify the source of the email and never give personal details out unless you know exactly who’s on the receiving end of your message.
How to Keep Others’ Personal Data Protected
If you store others’ personal information, you are in a position of great responsibility. It is paramount that you keep this information safe and only use it as the person intended. Otherwise, there could be great repercussions.
Consequences of breaching data protection
If you breach the data protection act, there are strict penalties in place. These can range from monetary penalties to prosecutions. Files can reach £500,000 and you could be incarcerated for the intentional misuse of data.
How to comply with data law
ISO 27001 can help you comply with all data protection law. It is the international standard for information security management. It also provides a framework for developing, implementing and maintaining an independently auditable ISMS (information security management system). There are various verified companies out there that can help you with iso 27001 it support.
If you are a small business owner, you might want to take a further look into our advice on optimising a small business website.