Most businesses use and store a large amount of personal and corporate data on customers, clients and various entities; otherwise, they wouldn't be able to trade. But under the law, they have a responsibility to look after that data in a certain way and ensure it's not used improperly or even stolen.

Business information, as it comes under the Data Protection Act, also relates to a company's employees. It includes such processes as recruiting staff and the information-collecting required and making sure staff records are secure, protected and not available for use for any purpose other than for which they are intended. The legal requirements also cover such activities as marketing products and services, and CCTV and the way it's used.

So what are the legal requirements for business data storage?

When a company is doing something that involves collecting personal information, they firstly have a responsibility to inform people what their company is and how they intend to use their data. The law says that when a company is storing this information, they must also tell people if they intend to share an individual’s data with other companies and organisations. Additionally, firms have to tell people that they can view their stored data and amend any incorrect information. 

Businesses have to tell people that the data they're holding can be deleted at the person's request and that people can ask that their personal information is not used for various purposes — such as marketing, for example. 

Companies are under a legal obligation to inform the Information Commissioner's Office about how they are using personal data and are bound to respond when a data protection request is made to identify any information held. 

Failure to comply with the Data Protection Act can lead to fines of up to £500,000 or a prison term.

Your privacy

By clicking “Accept all cookies”, you agree ITRM can store cookies on your device and disclose information in accordance with our Cookie Policy.

Cookie Settings

When you visit any of our websites, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and manage your preferences. Please note, blocking some types of cookies may impact your experience of the site and the services we are able to offer.