Data Protection Act needs further "clarification"

The government has been called on to clarify the provisions of the Data Protection Act in relation to information held by employers.

The Chartered Institute of Personnel and Development (CIPD) made the appeal after the first consultation document on employee relations was issued.

Diane Sinclair, CIPD Adviser on Employee Relations, said: “While we welcome the guidance on the Data Protection Act in relation to recruitment and selection, the code is still not clear about what is necessary to comply with the law and what, in the information commissioner’s view, is good practice."

Mrs Sinclair went on to say that the code ought to be accessible and available for use by everyone, and at present the Act is not "user-friendly" in its current state.

According to the Information Commissioner Elizabeth France, who oversees implementation of the Act, anyone processing personal data must comply with the eight enforceable principles of good practice. The legislation calls for data to be: fairly and lawfully processed; processed for limited purposes; adequate, relevant and not excessive; accurate; not kept longer than necessary; processed in accordance with the data subject's rights; secure; and not transferred to countries without adequate protection.

Northern Ireland organisations running Closed Circuit TV (CCTV) surveillance cameras have recently been warned that they may be liable for a fine under the Data Protection legislation. Under the terms of the Data Protection Act 1998, all commercial CCTV systems should have been registered with the government Information Commissioner by October last year. Organisations that have not yet complied with the provision are liable to pay fines of up to £5,000.

(GMcG)