The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

This checklist is for sole traders and other UK small businesses. Use it to check whether you are keeping your personal data secure.

Once you complete the checklist, you get a short report with practical actions you can take and additional guidance to improve your security measures.

If you’re unsure if you need to comply with data protection law, you should take this short quiz first.

1. Do you have someone in your business who takes the lead for the security of your personal data?

2. Has the lead person put measures in place to keep your personal data secure?

3. When staff process personal data away from the office, does the lead person know what extra security measures to consider?

4. Does everyone in your business know what they need to do to keep personal data secure?

5. Do you have a contingency plan in place for personal data you hold in key systems, applications and storage facilities?