Information Commissioner's Office
ICO launches new data protection self-assessment tool for SMEs
The ICO has today launched a self-assessment tool that will help small and medium sized organisations (SMEs) to assess their compliance with the Data Protection Act.
The toolkit provides handy links to relevant guidance and further information, and will generate a rating based on responses.
Information Commissioner Christopher Graham said:
"Good data protection practice makes business sense. It can lead to better, more efficient customer service and help to protect and enhance your reputation. It could also help you avoid a fine from the ICO."
The easy-to-use toolkit may be completed as one comprehensive assessment that embraces the key obligations that SMEs have in relation to processing their customers' or clients' personal information. Alternatively, it can be broken down into separate checklists so users can tailor it to their organisation’s particular needs and risks.
Notes to Editors
- The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
- The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.
- The ICO can take action to change the behaviour of organisations and individuals that collect, use and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit. The ICO has the power to impose a monetary penalty on a data controller of up to £500,000.
- Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:
- fairly and lawfully processed;
- processed for limited purposes;
- adequate, relevant and not excessive;
- accurate and up to date;
- not kept for longer than is necessary;
- processed in line with your rights;
- secure; and
- not transferred to other countries without adequate protection.
5. To report a concern to the ICO telephone our helpline 0303 123113 or go to ico.org.uk/concerns
Latest News from
Information Commissioner's Office
ICO fines national takeaway pizza company for unlawfully sending marketing messages to its customers16/06/2021 13:05:00
The Information Commissioner’s Office (ICO) has fined Papa John’s (GB) Limited £10,000 for sending 168,022 nuisance marketing messages to its customers without the valid consent required by law.
ICO fines three companies £415,000 for nuisance marketing10/06/2021 12:25:00
The Information Commissioner’s Office (ICO) has fined three separate companies a total of £415,000 for sending nuisance marketing to people about car finance, solar panels and funeral plans.
Elizabeth Denham welcomes a delay to the launch of the GPDPR10/06/2021 10:38:00
Elizabeth Denham recently (08 June 2021) welcomed a delay to the launch of the GPDPR.
Statement in response to concerns around the GP Data for Planning and Research programme08/06/2021 16:15:00
Statement in response to concerns around the GP Data for Planning and Research programme.
Conservative Party fined £10,000 for sending unlawful emails03/06/2021 12:05:00
The Information Commissioner’s Office (ICO) has fined the Conservative Party £10,000 for sending 51 marketing emails to people who did not want to receive them.
Blog: How the digital design community can help shape the ICO’s work on the Children’s Code28/05/2021 12:25:00
A blog by Georgina Bourke, Principal Technology Adviser specialising in UX Design.
Blog: Spotlight on the Children’s Code standards – data protection impact assessments28/05/2021 09:10:00
A blog by Michael Murray, ICO’s Head of Regulatory Strategy.
Amex fined for sending four million unlawful emails21/05/2021 12:25:00
The Information Commissioner’s Office (ICO) has fined American Express Services Europe Limited (Amex) £90,000 for sending more than four million marketing emails to customers who did not want to receive them.
ICO and CMA set out blueprint for cooperation in digital markets19/05/2021 14:20:00
The Information Commissioner’s Office (ICO) and the Competition and Markets Authority (CMA) have published a joint statement, setting out their shared views on the relationship between competition and data protection in the digital economy.