Web Design Industry Blog

Web Hosting and the Data Protection Act

Published on December 9, 2003
Tags: Web Hosting

If you are based in the UK and store any information about an individual on your web site, you are bound by the Data Protection Act 1998 and other UK and European laws. The information you store could simply be a mailing list or a guestbook, or it might be more in-depth, such as customer orders through an online store, or an affiliate scheme. Either way, choosing the correct hosting provider then becomes a more serious issue.

So what does this mean for me?

Essentially, there are two key principles within the act that you must be aware of when choosing your web hosting:

First Principle:

"Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data."

The key to this principle is "Appropriate technical and organisational measures". Today, hacking of web sites is widespread, and the benefits of firewalls and other security measures are well known. Therefore, in choosing a supplier who does not value these elements of security, you are essentially neglecting your responsibilities for securing the personal data. In the event that anything should happen to the data you store (for example, if your web site were hacked), your clients may have recourse under the Act to demonstrate that you had been negligent with their information.

Ampheon believe that security is paramount. This is why our servers are protected with firewalls, covered by the latest security releases, and actively monitored for untoward activity.

Second Principle:

"Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection of the rights and freedoms of data subjects in relation to the processing of personal data."

Why is there such a disparity in the pricing of web hosting? One reason is that some hosting providers have their servers in the United States, where the costs are less than in Europe. However, as the second principle above discusses, any data you collect should remain within the European Union (as an example of protection, the US does not currently have any federal laws against sending unsolicited mail). So, if your mailing list is stored on a server in the United States, you may be storing the data outside the guidelines of the Act.

Ampheon's web servers are based within the United Kingdom, and are therefore fully covered by this second principle.

By Chelsey Evans

Disclaimer: The contents of these articles are provided for information only and do not constitute advice. We are not liable for any actions that you might take as a result of reading this information, and always recommend that you speak to a qualified professional if in doubt.

Reproduction: These articles are © Copyright Ampheon. All rights are reserved by the copyright owners. Permission is granted to freely reproduce the articles provided that a hyperlink with a do follow is included linking back to this article page.