Large organisations have within their structure an Information Commissioner, this person is not responsible for the control or collection of data but responsible for Enforcing the rules set down by the Data Protection Act.

This is a key role for large organisations to ensure they do not fall foul of the law.

Small to Medium organisations do not have the luxury of recruiting an Information commissioner, let alone a Data Controller, the responsibility usually falls onto the MD or senior management.

One solution is to speak with organisations such as Secure Data Recycling who can advise on how to handle data and in the end dispose of the data in a secure and auditable fashion.

For more information on data use, storage and destruction contact Secure Data Recycling.