The 1998 Data Protection Act became law in March 2000.
The aim of the Data Protection Act is to ensure privacy and confidentiality for individuals and businesses with regards to information held by organisations and or released without authorisation.
The Act requires us all to responsibly dispose of all data detailing personal business information that is not required. In the event that personal or business information was disclosed whether deliberately (without permission) or accidentally, the reputation of your organisation would be at serious risk.
Penalties for non-compliance with the Act could include a fine of up to £5000, a criminal record for the company directors and/or the company data controller.