Rupert Battcock, from legal firm Nabarro Nathanson, believes at least half the companies in every sector have not achieved full compliance with the Act.
Battock explained that many of these would only be guilty of minor breaches but some may have bigger problems. "It is difficult for companies to judge how serious their non-compliance is," he said.
His advice to companies who believe they may be infringing the new Data Protection Act is simple: "Don't run around like a headless chicken because it's only a problem if you are in flagrant breach of the DPA."
Battcock said businesses should keep calm and plan a sensible procedure to look at the DPA in the next couple of months.
Bill Pepper, head of security risk management at IT services firm Computer Sciences Corporation (CSC), said that on a scale of importance the DPA was simply not on the agenda for business. "We all know that the Information Commissioner does not have the resources to investigate organisations to ensure compliance with the DPA," he said. With this knowledge, he claimed, comes complacency.
The general DPA apathy has much to do with more pressing business issues, such as the economic climate, said Pepper.
However the Information Commissioner, Elizabeth France, has often argued the benefits of DPA compliance. "Gaining the confidence of individuals through data protection is seen as very important if e-commerce is to work," she said. "Data protection is good for business."
Michael Smith, associate director at Customer Relationship Management consultancy Detica, agrees that the DPA can only be a good thing for e-business. "The introduction of this legislation should help more companies foster long-term customer relationships," he observed.