The Information Commissioner has published a guide advising businesses how to protect customer and employee privacy.
The Privacy Impact Assessment (PIA) guide is specifically aimed at helping businesses developing new IT systems and starting new technology projects.
The ICO has urged all UK businesses to consider the impact on individuals’ privacy before developing new IT systems or changing the way they handle personal information.
All government departments issue privacy assessments when developing new systems. The measure was introduced following the HM Revenue & Customs data breach in 2007, in which the records of 25 million people were lost on computer discs in the post.
The ICO said that if businesses introduced PIAs, they would better manage risks, cut costs by reducing the need for additional changes, meet legal requirements, and avoid loss of confidence.
“For the public to have trust in an organisation, individuals must be confident that their information is held securely and processed in line with the Data Protection Principles,” said Jonathan Bamford, assistant information commissioner.
It is “essential” that businesses evaluate the impact to privacy “before introducing new systems”, he said.