Data Security Policy
This Compliant Data Security Policy has been designed for use by a range of organisations, addressing key data security considerations that may assist in compliance with the UK's data protection legislation (including the UK GDPR and the Data Protection Act 2018).
This document has been updated for compatibility with the UK GDPR and is ready for use from the start of 2021.
Please Note: This is not a Data Protection Policy. It is a data security policy designed to support a data protection policy. Our Data Protection Policy template contains a much higher level of detail that is specific to the obligations imposed and rights bestowed by data protection law.
Based on our IT Security Policy, this document extends beyond IT systems and data that is stored electronically to cover a wider range of data, including that stored in hardcopy form. The exact scope of the policy is left for you to define. It does not need to be limited to personal data and can be used to govern the use and security of confidential business information and other valuable data.
Key issues including internet security, software updates, access privileges, and physical security are addressed. Where appropriate, this Data Security Policy cross-refers to other policies including a Data Protection Policy and Data Retention Policy (templates for both are available here in our UK GDPR & Data Protection group).
Optional phrases / clauses are enclosed in square brackets. These should be read carefully and selected so as to be compatible with one another. Unused options should be removed from the document.
This Data Security Policy contains the following clauses:1. Introduction
2. Key Principles
3. Department Responsibilities
4. Users’ Responsibilities
5. Software Security Measures
6. Anti-Virus Security Measures
7. Hardware Security Measures
8. Organisational Security Measures
9. Access Security
10. Data Storage Security
11. Data Protection
12. Deletion and Disposal of Data
13. Internet and Email Use
14. Reporting Security Breaches
15. Policy Review
16. Implementation of Policy
This Data Security Policy is in open format. Either enter the requisite details in the highlighted fields or adjust the wording to suit your purposes.
Once you have purchased access to the appropriate document folder click on the “Download Document” link below. You will be asked what you want to do with the file. It is recommended that you save the document to a location of your choice prior to viewing.