Presentation on theme: "Legal & Regulatory Compliance. Overview What types of information should be included? What issues or problems might there be? What benefits could be obtained?"— Presentation transcript:
Overview What types of information should be included? What issues or problems might there be? What benefits could be obtained? How could it be done? Recommendations
Legal & Regulatory Compliance Examples: – Data Protection Act (DPA) and ICO recommendations – Financial Services – Health & Safety – Equal opportunities – Freedom of Information And the list goes on...
Example - Data Protection European Directives UK Statutes Regulations Rulings Recommendations Best practice
Data Protection Act Eight Principles If you possess personal information you must ensure information is: – Fairly and lawfully processed – Processed for limited purposes – Adequate, relevant and not excessive – Accurate and up to date – Not kept for longer than is necessary – Processed in line with your rights – Secure – Not transferred to other countries without adequate protection
laptopadequate security procedures It is essential that before a company allows personal information to leave its premises on a laptop there are adequate security procedures in place to protect personal information, for example, password protection and encryption.
FSA Combating market abuse – Restrict IT access to named individuals on a deal – Use secure data rooms – Dedicated IT support for deal teams – Employ ethical hackers to test robustness of IT – Use appropriate code names for IT files – Password protect/encrypt electronic communication/devices Plus 13 other best practice guidelines...