Equity Communications

Tel: 0121 434 5057

  • Home
  • About Us
  • Board Evaluations
  • Regulatory Compliance
  • Clients and Case-Studies
  • Noticeboard
  • Blog
  • Contact Us

Who is responsible for Data Protection compliance?

8th July 2011 4 Comments

“We are looking to tighten up our policies and procedures on Data Protection Act compliance and there has been some confusion over where responsibility for compliance should lie. Historically this has fallen within the IT teams but we are not sure that this is the best place. In other companies, who takes prime responsibility for Data Protection – both Notifications to the Information Commissioner and compliance with the principles of the Act?”

Leave a Reply Cancel reply

Only your comment and indication of company type will be published

Comments

  1. FTSE SMALL CAP said

    8th July 2011 at 12:00 am

    It has always, in my experience, been a matter for the Company Secretary, as part of the overall legal compliance role that is generally part of that job. Once the procedures and registrations are in place, some responsibilities may be delegated, with periodic training (e.g.for HR teams in the event of Data Subject requests, or IT for secure storage of data). If personal data is a key business asset – for example, of a service/sales/marketing business – a full-time DPA compliance officer could be useful.

    • FTSE 250 said

      8th July 2011 at 12:00 am

      The Cosec takes responsbility for compliance and chairs a Data Security committee which includes representatives of each operational area of the business plus IT and HR. Each member is responsible for their area. Policies and procedures are regularly reviewed through the committee and new regulations/guidelines are considered.

      • EX LISTED said

        8th July 2011 at 12:00 am

        This used be the responsibility of the Company Secretarial Department. However, with the increased focus on Competition Law compliance and the Bribery Act, we now have a dedicated Compliance Officer who has taken over responsibility for Data Protection.

        • FTSE 100 said

          8th July 2011 at 12:00 am

          The Company Secretary has ultimate responsibility for both compliance and notifications.

          This involves close involvement with heads of operating areas who ensure compliance within their areas of responsibilty and who assist with the preparation of notifications.

          Sections

          • Home
          • About Us
          • Board Evaluations
          • Regulatory Compliance
          • Clients and Case-Studies
          • Noticeboard
          • Blog
          • Contact Us

          Recent Notices

          • TCFD advisors / agencies

            TCFD advisors / agencies

            2nd May 2022
          • Board portals

            Board portals

            2nd May 2022
          • E-learning training platforms for Group employees

            E-learning training platforms for Group employees

            30th April 2022
          • Permissions to Deal when transferring shares to an ISA

            Permissions to Deal when transferring shares to an ISA

            13th March 2022
          • Shareholder mailing preferences

            Shareholder mailing preferences

            22nd February 2022

          Contact Equity Communications

          Address:

          The Lodge,
          88 Katherine Road,
          Birmingham,
          B67 5RF

          Registered in England and Wales No. 04951030.

          • Blog
          • UK Board Evaluations
          • UK Corporate Governance

          © 2022 · Equity Communications 2015 ·· Site Designed & Built by Midland Web Solutions