Safeguarding your data

Members must have rules regarding the safeguarding of customers’ data and a clear standard procedure that advises customers of the following:

• It is the customer’s responsibility to ensure sensitive or critical data or programmes are backed up before authorising work to be carried out. Customer may request Member to attempt to do this on their behalf for a fee, but if the computer is malfunctioning already there is likelihood that this may not be possible.
• If, in the process of managing or repairing customer’s products Member becomes aware of data that may indicate illegal activity, especially but not limited to child pornography or intellectual property theft, Member may be obliged by law to report such instances to the appropriate authorities for their investigation. 
• Member must not open files or programmes unnecessarily, or for any purpose other than that authorised by the customer.
• Member must not copy customer’s data or programmes unless it is necessary to do so in order to meet the requirements of the work authorised by the customer. Any data or programmes copied must be destroyed at the conclusion of the authorised tasks, and/or returned to the customer as appropriate.
• Any memory device that has been replaced must either be returned to the customer, or be formally certified data-wiped and such certification provided to the customer.

If a member is found to have breached these privacy issues they are liable to be expelled from the Association.