Equity Culture

Tel: +44 (0)7956 691 104

  • Home
  • About Us
  • Board Evaluations
  • Regulatory Compliance
  • Clients and Case-Studies
  • Noticeboard
  • Blog
  • Contact Us

Who is responsible for Data Protection compliance?

8th July 2011 4 Comments

“We are looking to tighten up our policies and procedures on Data Protection Act compliance and there has been some confusion over where responsibility for compliance should lie. Historically this has fallen within the IT teams but we are not sure that this is the best place. In other companies, who takes prime responsibility for Data Protection – both Notifications to the Information Commissioner and compliance with the principles of the Act?”

Leave a Reply Cancel reply

Only your comment and indication of company type will be published

Comments

  1. FTSE SMALL CAP said

    8th July 2011 at 12:00 am

    It has always, in my experience, been a matter for the Company Secretary, as part of the overall legal compliance role that is generally part of that job. Once the procedures and registrations are in place, some responsibilities may be delegated, with periodic training (e.g.for HR teams in the event of Data Subject requests, or IT for secure storage of data). If personal data is a key business asset – for example, of a service/sales/marketing business – a full-time DPA compliance officer could be useful.

    • FTSE 250 said

      8th July 2011 at 12:00 am

      The Cosec takes responsbility for compliance and chairs a Data Security committee which includes representatives of each operational area of the business plus IT and HR. Each member is responsible for their area. Policies and procedures are regularly reviewed through the committee and new regulations/guidelines are considered.

      • EX LISTED said

        8th July 2011 at 12:00 am

        This used be the responsibility of the Company Secretarial Department. However, with the increased focus on Competition Law compliance and the Bribery Act, we now have a dedicated Compliance Officer who has taken over responsibility for Data Protection.

        • FTSE 100 said

          8th July 2011 at 12:00 am

          The Company Secretary has ultimate responsibility for both compliance and notifications.

          This involves close involvement with heads of operating areas who ensure compliance within their areas of responsibilty and who assist with the preparation of notifications.

          Sections

          • Home
          • About Us
          • Board Evaluations
          • Regulatory Compliance
          • Clients and Case-Studies
          • Noticeboard
          • Blog
          • Contact Us

          Recent Notices

          • Providing copies of the Register of Members to external parties

            Providing copies of the Register of Members to external parties

            1st December 2022
          • Related Party Transactions

            Related Party Transactions

            21st September 2022
          • Should NEDs be required to hold shares in the company?

            Should NEDs be required to hold shares in the company?

            16th August 2022
          • Board Support Assistant

            Board Support Assistant

            11th July 2022
          • Interim Company Secretary Role

            Interim Company Secretary Role

            5th July 2022

          Contact EquityCulture

          Address:

          89 Kesteven Way,
          Corby,
          Northamptonshire
          NN18 8GF

          Registered in England and Wales No. 06008649.

          • Blog
          • UK Board Evaluations
          • UK Corporate Governance

          © 2023 EquityCulture | Site Designed & Built by Midland Tech