The key principles of the data protection act are: 
 
Data may only be used for the specific purposes for which it was collected. 
 
Data must not be disclosed to other parties without the consent of the individual whom it is about, unless there is legislation or other overriding legitimate reason to share the information. 
 
Individuals have a right of access to the information held about them, subject to certain exceptions, within 40 days. 
 
Personal information may be kept for no longer than is necessary and must be kept up to date. 
 
Personal information may not be sent outside the European Economic Area unless the individual whom it is about has consented or adequate protection is in place. 
 
All companies and bodies that process personal information must register with the Information Commissioner's Office. 
 
The departments of a company that are holding personal information are required to have adequate security measures in place. Those include technical measures and organisational measures, such as staff training. 
 
Subjects have the right to have factually incorrect information corrected 
 
If you are not sure whether the data 
protection act applies to your business or  
you feel you haven't got adequate 
measures in place to conform to the act 
that's where MS Data Protection  
Consultancy steps in. 
Contact MS Data Protection Consultancy 
Phone 01234 713890 - Mobile 07557 644599 
 
We are able to help you with data 
protection strategy, implementation, 
training and trouble shooting. We also offer a FREE data protection consultation before commencing any work on your business. 
 
MS Data Protection Consultancy  
Be Safe, Be Secure, Be Legally Compliant 
Designed and created by it'seeze