View more on these topics

That’ll be the data

I am about to give you a lot of personal information in order for you to provide me with independent financial advice. How do I know this information is safe and will not to be used for other purposes?

Organisations that process personal data, whether held on paper or on computer, need to do so in line with obligations placed on them by various pieces of legislation such as the Data Protection Act, Freedom of Information Act, which came into force on January 1, 2005, and the Privacy and Electronic Communications Regulations.

The Data Protection Act 1998, which came into force on March 1, 2000, sets out rules for processing personal data including your name, address and date of birth, as well as your opinions and other information that could identify you.

It requires that the controller of the data, which in this case is my financial advisory firm, complies with the rules of good information handling practice, known as the eight data protection principles. Data must be fairly and lawfully processed; processed for specified purposes; adequate, relevant and not excessive; accurate and, where necessary, kept up to date; kept for no longer than is necessary; processed in line with your rights;kept secure and not transferred to countries outside the European Economic Area unless it is adequately protected.

A firm which holds relevant data needs to notify the Information Commissioner that they are a data controller. The Information Commissioner exists to police the rules to “promote public access to official information and protect your personal information”. The Information Commissioner’s helpline can be contacted on 01625 545745 or at www.inf oramtioncommissioner.gov.uk.

As a financial advisory firm, we are not exempt from registering and complying with the data protection rules. We pay an annual fee to be a member of the data protection register and face fines of up 5,000 if we do not comply its rules.

You have the right under the Data Protection Act to ask for a copy of the information my firm holds on you either on our computers or on manual systems. We need to provide you with this information in 40 days and are allowed to charge you a 10 fee for the time taken to retrieve the information.

In many instances, we need to pass your information to an insurance company, bank or investment house. You usually supply this on an application form that is necessary for the policy or investment contract to be issued to you.

A case concerning personal data being passed to a call centre of a British bank in India is going through the courts. It resulted from a complaint made to the Information Commissioner about data protection. The outcome is not yet known.

Another instance where financial services companies need to ensure they comply with the data protection rules is when investigations take place to find out information about people complaining or believed to be submitting fraudulent claims. If the data protection rules are broken, the company handling the data could be held legally responsible. The rules covering data protection are complex and specialist lawyers are often required to provide expert guidance.

As a business owner, you need to be aware that the rules for data protection are continually updated. Updates were issued in December 2004 with the publication by the Information Commissioner of the Employment Practices Data Protection Code Part 4: Information about Workers’ Health. This provides guidance to employers on complying with the Data Protection Act in relation to such measures as pre-employment health questionnaires, drug and alcohol testing and sickness records.

Under the Data Protection Act, information about an individual’s health is categorised as sensitive data and extensive rules apply as to how it may be collected, stored and used. Workers should be informed if information about their health is collected or stored by their employer and how it is to be used. They have the right to access information about their health that their employer holds.

I hope I have eased your concern and highlighted some of the rules that all firms need to be aware of.

Recommended

Committee could be scrapped

The controversial regulatory decisions committee of the FSA could be swept away as the regulator makes changes to its enforcement process.

The FSA has outlined an investigation into its procedures and is thought to be considering sweeping changes to the RDC.

Investec offers discount on global fund

Investec is offering 4 per cent commission on all advised lump-sum investments into the Investec global free enterprise fund until 31st December 2005. The fund is managed by Mark Breedon. It has out-performed the sector by 10.8 per cent, 24.7 per cent, 42.2 per cent, 33.65 and 46.3 per cent over one to five years […]

Jelf flexible benefits

In Focus: How to choose a flexible benefits provider — seven top tips

Jelf Employee Benefits looks at some of the key considerations employers should think about when reviewing and choosing a flexible benefits provider. Choosing the right benefits for your employees is one thing but delivering a successful employee benefits strategy is about understanding the complete picture and delivering it in a personalised way so that it resonates with each and every individual in your business. 

Newsletter

News and expert analysis straight to your inbox

Sign up

Comments

    Leave a comment