An introduction to the Data Protection Act and the risks to you!

Course Objectives

The Data Protection Act 1998 (DPA) places a requirement on all organisations; large or small, public or private, to process personal data or sensitive personal data in a manner that complies with the eight Data Protection Principles enshrined in the Act.
  • The Information Commissioner (ICO), the office charged with managing the Act's outworking and with policing the practices, procedures and compliance standards of those responsible for the processing of personal or sensitive personal on a day-to-day basis, has exercised their rights to fine or place enforceable practice notices on those who breach these Principles. The highest fine that can be laid down is 500,000; the highest fine that has been levied is 375,000 for process failures. In these days of financial austerity no organisation can withstand a fine of that magnitude, even the more usual fine of 30,000 would cause serious harm to an organisation's viability.
  • Many in the data industry today would point the finger of blame at failings in organisational data governance, or the failure of Directors and Management to consider a data breach as a 'business critical' risk. For more detailed information on current action by the ICO go to, there you will see a list of fines and enforcements imposed upon private businesses, Councils and Government Bodies who have been heavily penalised for poor DPA practice or a failure to police their organisation's DPA Policy or procedures effectively. The very existence of this list should cause Directors, Managers and Data Specialists alike to seek guidance and professional assistance.

    Contents Who should attend Course benefits Additional information Certificates Trainers background