Public sector organisations should be ready for a flood of questions about the personal data they hold when the new Freedom of Information Act comes into force on 1 January, IT directors were told at the forum.
Toby Stevens, director of Enterprise Privacy Group, urged IT users to be sure they understand their corporate policies relating to personal data.
IT directors should be able to answer a list of questions about data stored by their organisation and the implications for privacy, he said. The checklist includes:
- Who is responsible for privacy across your organisation?
- What is your organisation's ethical stance on privacy?
- What is your assessment of privacy-related risks?
- Which laws and sector-specific regulations are you expected to comply with?
- Who ensures that your employees are aware of privacy duties and checks they act accordingly?
IT directors also need to be aware of high-tech ethical activists, the conference heard, who are adopting "viral marketing" techniques such as e-mail shots and web blogs.