ComputerWeekly.com
Premium Content

Access "DPA compliance not a black and white process"

Published: 13 Oct 2012

The problem with the Data Protection Act, from a practical point of view, and in contrast to US-originated compliance standards like PCI DSS, is that the DPA does not contain a list of detailed, specific requirements that every organisation can decide are either applicable or not applicable, and, if they are applicable, tick off as having been complied with. The problem with a tick box approach is that, where data security is concerned, one size definitely does not fit all. Threats evolve, and not all vulnerabilities are common. Compliance can be expensive and, if it is to be enforced, needs to be backed by an adequately resourced and aggressive regulator. The UK’s ICO is neither adequately resourced nor aggressive. However, it will pounce on obvious negligence, particularly in the public sector. The trick with the DPA, therefore, is to keep out of trouble, not to look for a detailed compliance checklist. Complying with the DPA is a process that can be broken down into three discrete stages. The first is simple: Do those things that the DPA specifically ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Why we need cyber war games
    CWE_270115_ezine_18p_MED.jpg
    E-Zine

    In this week’s Computer Weekly, the UK and US are starting a cyber war on each other – all in the name of testing each other’s defences. We look at ...

  • FT sold on cloud benefits
    CWE_200115_ezine_18p_MED.jpg
    E-Zine

    In this week's Computer Weekly, we talk to the Financial Times CTO about the publisher's successful move to the public cloud and plans for further ...

  • The Global Risk Report 2015
    GlobalRisks2015.jpg
    E-Handbook

    Large-scale cyber attacks are among the prominent risks in 2015 in the 10th Global Risks report from the World Economic Forum.