Data protection advice and support
Under the data protection regulations, organisations are required to register with the Information Commissioner’s Office (ICO) if they process personal data.
The ICO is the supervisory body who govern data protection and freedom of information. They “uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals”.
For most small to medium sized companies registration will cost either £40 or £60 unless you are exempt. The fee can increase to £2,900 for larger organisations.
To check if you are exempt you can use the self-assessment tool at registration self-assessment (ICO)
The registration must be completed annually. Failure to register could result in the ICO issuing a fine of up to £4,350.
Registration and payment can be done at data protection fee (ICO).
You can check if your organisation is already registered by searching the register at register of fee payers (ICO).
Does your organisation need a data protection officer?
Please refer to the two key resources below to help you decide if you need to appoint a data protection officer and, if so, what their role involves:
- the Digital Social Care website provides more information about the specific situations in which care organisations need a data protection officer, which includes guidance for large and small care providers
- Skills for Care also has guidance on data protection, GDPR and information sharing which includes a downloadable guide