Socitm has published its Local Government Data Handling Guidelines for councils.
The guidelines have been produced by Socitm working in partnership with the Local Government Association, Welsh Local Government Association and central government.
They show councils the steps they need to be taking to keep data collected from residents, businesses and other parties safe and secure.
Socitm said the guidelines provided chief executives, senior managers and elected members with a "guide and essential checklist to their responsibilities and accountability for secure and effective handling of personal information".
But, Socitm said, it recognised that councils are best placed to assess their own risk and put in the necessary safeguards which are often equivalent to, or exceed, those set out in the document.
The guidelines take account of ISO/IEC 27000 (Information Security Management System) standards and government benchmarks for data.