Data Protection Act

Back Up Next

Installation

Introduction
   Read This
   Data Protection Act
   Multi-Agency Support

Getting Started

Operations Centre

Subscriptions

Training Records

Dive Logs

Equipment

Resource Databases

Customising DiveData

 

The UK Data Protection Act requires that, with certain exceptions, organizations register if they hold personal details about individuals on a computer system. Other countries have similar privacy legislation.

Clubs and societies may be exempt from needing to register if they are just using the information in pursuance of their membership handling. The act is described at http://www.dataprotection.gov.uk/ and details of the exemption for unincorporated members clubs are given at http://www.dataprotection.gov.uk/guid97/newguid6.pdf

Although this appears to grant an exemption, clubs still need to get positive consent from each member that they can hold their information on computer and must have a process to deal with members who object. The guidelines suggest holding objectors' details separately on paper.

The other issue, with DiveData and many of the home-grown systems I've seen, is that they retain information about ex-members. The registration exemption only applies to current members so, strictly, the minute someone's membership is overdue you should delete their data ... and type it all back in again if they rejoin! For that reason alone I would recommend registering with the Data Protection Register to hold data on prospective, current and ex members.

There is also a requirement to publicise to members that their records will be held on computer. Dive Data attempts to respond to this requirement with the Data Protection report. If sent out with membership renewal documents it gives members an annual reminder that their data is held on computer, that they have the right to check it and an indication of the key information held (dates, contact details etc).

 
 

© 1999 Energico Associates Ltd
Last Updated: 18 December, 1999