ICO issues new database guidelines

ICO issues new database guidelines

Summary: The government has a new set of guidelines outlining what can and cannot be done in the event of the sale of databases containing personal information

SHARE:
TOPICS: Government UK
0

New data protection guidelines have been issued covering the buying and selling of customer databases that contain personal information.

The Information Commissioner's Office has issued the guidance to cover databases being sold when a business closes down, goes bust or gets bought.

The advice covers when a database can be sold, what the personal information on it can be used for, whether those individuals whose information is on the database have to be informed about the change of ownership and how long the information can be kept for.

When a database is sold the buyer can only use the personal information on it in line with the purposes for which it was originally collected. For example, if the database contains information obtained for insurance, the database should only be sold to another insurance-based business providing similar insurance products.

If the buyer wants to use the personal information for a new purpose, they will have to get consent for this from the individuals whose information is on the database. These individuals should also be informed about the change of ownership.

Dave Evans, senior guidance manager at the ICO, said in a statement: "It is important that businesses buying or selling customer databases are aware of their data protection obligations."

To comply with data protection laws the buyer should also delete any unnecessary personal information from the database as it cannot be stored on the basis that it might become useful in the future.

A full copy of the guidance can be found here.

Topic: Government UK

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion