Premium Content

Access "DPA compliance not a black and white process"

Published: 13 Oct 2012

The problem with the Data Protection Act, from a practical point of view, and in contrast to US-originated compliance standards like PCI DSS, is that the DPA does not contain a list of detailed, specific requirements that every organisation can decide are either applicable or not applicable, and, if they are applicable, tick off as having been complied with. The problem with a tick box approach is that, where data security is concerned, one size definitely does not fit all. Threats evolve, and not all vulnerabilities are common. Compliance can be expensive and, if it is to be enforced, needs to be backed by an adequately resourced and aggressive regulator. The UK’s ICO is neither adequately resourced nor aggressive. However, it will pounce on obvious negligence, particularly in the public sector. The trick with the DPA, therefore, is to keep out of trouble, not to look for a detailed compliance checklist. Complying with the DPA is a process that can be broken down into three discrete stages. The first is simple: Do those things that the DPA specifically ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Adapting to life after Heartbleed
    CWE_220414_ezine_20p-1MED.jpg
    E-Zine

    In this week’s Computer Weekly, we investigate the most significant flaw in recent history to impact the internet. The Heartbleed bug in OpenSSL ...

  • Computer Weekly networking case studies
    CW-EuroUserAwards2014 networking-1.jpg
    E-Handbook

    Jennifer Scott and Steve Evans discover what made the winning entries stand out from the crowd in the 2014 Computer Weekly European Awards for ...

  • Special Report on VDI
    VDI.png
    E-Handbook

    The articles contained here were written by Brian Madden, the fiercely independent thought leader in the world of virtualisation and mobility ...