Data Protection

Any business operating in Northern Ireland and holding information from which living individuals can be identified will be subject to data protection legislation. This legislation regulates the collection, processing and disposal of personal data, and sets a higher standard of protection of sensitive personal data (for example, medical information).

Some of the key obligations under data protection legislation include:

Developing a Privacy Policy

Notifying customers, users of your website and others as to how you will obtain, record, hold, use, disclose and erase their personal data.

Drawing Up Employee Data Protection Policies

Providing the requisite information to employees through employee handbooks or employment contracts or a combination of both.

Pay a processing fee to the Information Commissioner’s Office or ICO

Unless you are exempt, all persons processing personal data need to pay a fee to the ICO. You can find out whether you are exempt by completing the ICO’s self-assessment checklist here


Breaches of data protection legislation may lead to a significant fine and adverse publicity.

Related Articles