The Information Commissioner Office’s (ICO) new Data Sharing Code of Practice has come into force.
The code provides practical advice for businesses on how to share data fairly and lawfully, as well as the best way for firms to meet obligations of accountability.
It does not impose any additional barriers to data sharing but will help companies comply with legal obligations under the UK GDPR and the DPA.
Additionally, the code contains optional ‘good practice’ recommendations. These are not legal requirements, the ICO said, but aid firms in adopting an “effective approach” to data protection compliance.
Rules were initially laid before the UK Parliament on May 18, 2021, and issued on September 14, 2021, under section 125 of the 2018 Data Protection Act (DPA).
Commenting on the announcement, Information Commissioner Elizabeth Denham said: “Ready access to information and knowledge, including about individual citizens, can lead to many economic and social benefits, including greater growth, technological innovations and the delivery of more efficient and targeted services.
“Our data sharing code gives individuals, businesses and organisations the tools and the confidence to share data in a fair, safe and transparent way.”
The code states that the aim of data protection legislation is to facilitate data sharing when approached in a fair and proportionate way, rather than it being an obstacle.
Denham continued: “Utilising the data we collectively hold and allowing it to be maximised properly will have economic benefits.
“Data sharing that engenders trust in how personal data is being used is a driver of innovation, competition, economic growth and greater choice for consumers and citizens.
“This is also true in the sphere of public service delivery where efficient sharing of data can improve insights, outcomes and increase options for recipients.”
- Scottish Cyber Awards 2021 | Meet the finalists
- Contributed | Providing purpose is the key to recruiting digital skills
- Edinburgh company included in latest Gov-backed lawtech sandbox
In addition to the above benefits, the data sharing code will provide British firms with important guidance on the effect Brexit will have on data protection legislation.
With the UK now out of the EU, the code will become an important part of dealing with data sharing going forward, advising organisations to review safeguards for transferring data to and from the European Economic Area, as rules on international transfers will start to apply.
A British version of GDPR rules have been written into law now that the UK has left the EU. However, EU GDPR can still apply for firms in Britain if they have operations inside European countries.
Denham added: “I see the publication of this code not as a conclusion but as a milestone in this ongoing work. The ICO will continue to provide clarity and advice in how data can be shared in line with the law.
“This code, and the products and toolkits published alongside it, provides a gateway to good data sharing practice and the benefits we can expect from the results.”
Get the latest news from DIGIT direct to your inbox
Our newsletter covers the latest technology and IT news from Scotland and beyond, as well as in-depth features and exclusive interviews with leading figures and rising stars.
We’ll keep you up to date on the pivotal issues impacting the sector and let you know about key upcoming events to ensure that you don’t miss out on what’s going on across the Scottish tech community.
Click here to subscribe.