Bring your own device (BYOD) raises a number of data protection concerns due to the fact that the device is owned by the user rather than the data controller.

It is crucial that the data controller ensures that all processing for personal data which is under his control remains in compliance with the DPA.

Protecting data in the event of loss or theft of the device will need to be considered but not to the exclusion of other risks.

Data controllers must also remain mindful of the personal usage of such devices and technical and organisations used to protect personal data must remain proportionate to and justified by real benefits that will be delivered.


This article is intended for informational purposes only and should not be relied upon as legal advice.

PS: While you’re here, why not take out DP Test?

To contact DataHelp email or call 07902 395989