Back to Blog

Data Protection & Privacy

Post by |

Data protection and privacy have this mythical power to make us all cringe with fear. But they’re not as scary as we all think. Yes, changes are coming. Overhauls of the EU Data Protection Laws are likely in the next few years, but there’s really no need to panic just yet. Better to concentrate on getting your house in order now, for today’s legislation, and then focus on the legislation when it comes into play. Don’t worry about the future. You’ve got lots to do now, so get your ducks in a row first.

Every firm is different and every process is different, so every policy will be different. But the law is always the same. The Data Protection Act 1998 sets out the rules that have to be followed. The ICO regulates the law and provides guidance. This blog doesn’t constitute legal advice, but it will offer you some top tips for data protection and privacy to get the wheels in motion.

Keep data secure

To start with, make sure all personal data is kept secure, accurate and up to date. It goes without saying that data in spreadsheets can easily be misplaced or end up in the wrong hands (we see it all the time in the news). So it’s better to have a more formal mechanism, like a CRM system, to keep data secure. A solution like Lexis InterAction, with its secure log in, automatic unsubscribes and bounce backs, electronic communications data security and mailing preference management, is a great way of underpinning and supporting your data protection policies and ensuring privacy statements are enforced.

Follow the 8 principles of the Data Protection Act

The 8 principles of the Data Protection Act 1998 (DPA) are a data handler’s bible. Follow each principle step-by-step and you won’t go too far down the wrong path. For example, personal data should be processed fairly and lawfully, adequate, relevant, kept up to date, not held for longer than necessary, not transferred to a country outside the EU etc. For the 8 principles in full click here.

Under DPA every organisation/sole trader processing personal information MUST notify/register with the commissioner unless they are exempt. There’s more information here. While we’re on the subject a written data protection policy is not a requirement of the DPA. However, drawing one up is good practice to ensure a systematic approach and cover off succession planning.

Don’t violate privacy

It’s not just how we store and manage data; privacy and electronic communications regulations also need to be complied with (this includes spamming!). We all know we shouldn’t spam people but you’ll be surprised at how many companies do it without being aware that they are. The ICO offers a guide to privacy and electronic communications. Make sure you check it out.

Hopefully this blog has shown you that data protection and privacy isn’t a big scary monster, more like a cute kitten that’s got a bit of an attitude problem. Once you know how to handle it and get your house in order it’s not as bad as everyone thinks. BUT, it isn’t something to be ignored; fines for not complying are hefty as well as damaging to a firm’s reputation.

Tags: InterAction

About the Author:


Fiona Jackson has spent over 15 years implementing and working with InterAction in professional services firms, including legal and accountancy. In these in-house roles, supported by InterAction, she managed marketing communications, devised and implemented business development strategies as well as trained and mentored fee earners. She worked closely with internal clients to understand their business processes end-to end and guided them in utilising the 'intelligence' gathered via InterAction to help them be successful at customer relationship management.

Fiona was previously a Client Advisor for five years at LexisNexis Enterprise Solutions; and was often described as "an extension to our business" by her clients. She has now returned to the company to drive an InterAction ‘repositioning’ project for a large London law firm. Fiona is also working with other firms to help them align CRM to wider business development strategies. She specialises in strategic and tactical CRM best practice, and as an expert in devising user adoption strategies, her experience in rolling out and repositioning InterAction as a business tool is proving invaluable to clients.

Fiona is mother to two teenagers, who keep her firmly on her toes. Living in Hertfordshire, she loves walking, is often found obsessing over the latest box set and enjoys all that country pubs have to offer. She also has a spectacular Gin collection of her own. Recently, Fiona has discovered a love for cooking – the varying degrees of success hasn’t stopped her from continuing to giving it a go!

| See all our contributors
Back to Blog