home| T: 029 2038 5542| contact us| print page
financial data
why is data protection important? | private sector | public sector | employee data | financial data | health records | IT systems | marketing data

financial data

The area of financial data encompasses a variety of types of information, for example:

  • bank account details;
  • credit history; and
  • company accounts.

Although many people would see their financial information as being of a sensitive nature, under the Data Protection Act, it falls into the category of personal data, not sensitive personal data. This is an important distinction to understand as under the Act more conditions have to be satisfied in order to disclose sensitive personal data.

Many organisations outsource the processing of financial data that they hold, and so need to bear the following factors in mind:

  • Has care been taken to make sure that data subjects are aware of how their data is being processed?
  • Is there a data processing agreement in place, stating that the data processor (the external organisation) has appropriate safeguards in place to protect the data?
  • If data is being transferred to a non-EEA country for processing, does that country have adequate safeguards in place to ensure the data's protection?

Where the data processing is for the purpose of completing a contract with the data subject, e.g. using financial details in order to complete a sale of an item that has been knowingly bought, the data transfer may fall under one of the Act's exemptions. Precautions should still be taken however, to ensure that any data that is transferred is handled securely.

Finally, some other important points to take into account:

  • Is the data being used only for the purposes specified at the time of collection and / or in subsequent fair processing notices?
  • Is the data being kept for longer than necessary?
  • Have the individual's rights been observed?