The Information Commissioner has launched a consultation on the first evercode of practice on data sharing.
The Commissioner has published a draft code covering best practice for public, private and third sector organisations. The code covers routine data sharing as well as one-off instances where a decision is made to release data to a third party.
The code covers a number of areas including:
- what factors an organisation must take into account when coming to a decision about whether to share personal data;
- the point at which individuals should be told about their data being shared;
- the security and staff training measures that must be put in place;
- the rights of the individual to access their personal data; and
- when it’s not acceptable to share personal data.
Information Commissioner, Christopher Graham said the aim of the code was to facilitate appropriate data sharing,wh ihc could bring clear benefits, while maintaining individuals’ right to privacy.
“Organisations that don’t understand what can and cannot be done legally are as likely to disadvantage their clients through excessive caution as they are by carelessness. But when things go wrong this can cause serious harm. We want citizens and consumers to be able to benefit from the responsible sharing of information, confident that their personal data is being handled responsibly and securely,” said Graham.
He urged all organisations that handle personal data to comment on the draft code”Only then can we make sure we’ve got a robust and adaptable code of practice that can be applied across the board.”
The draft code is available here and the consultation will run for 12, ending on 5 January 2011.