 |
Guidance and advice on databases and handling of personal and sensitive data
With the emergence of new databases with the ability to disseminate personal and sensitive data, AABC has sought advice and guidance from the Information Commissioner's Office to ensure that BCRPs are able to make reasoned and informed decisions concerning the purchase, operation and management of databases, including access by third party users. As new systems, which may not have sought the benefit of guidance from the ICO, present themselves to BCRPs as solutions to data sharing, it is important that they ascertain their suitability before committing themselves financially or facing difficulties of data compliance in the future.
The scope of the advice AABC has obtained from the ICO includes due diligence that should be carried out prior to the purchase of such a system - however this is not a legal requirement. AABC has also looked at the issues of recording, transferring, handling, tracking, auditing and destruction of live data. ‘Live data’ is any information that contains details of a living person and can be related back to that person.
The advice document can be found in the members' area of the AABC website under 'Data Protection'.
30 July 2010