The Driver and Vehicle Licensing Agency (DVLA) takes the protection of the data it holds very seriously and has measures in place to protect it. These measures vary depending on the service used and the sensitivity of the data provided.
All DVLA’s data release services are subject to a formal assessment before they are made available for use. This ensures that there are adequate policies as well as procedural and technical controls in place to protect the data. Privacy Impact Assessments are also completed to identify and address any privacy risks associated with the service and ensure that personal data is processed in compliance with the law.
An audit carried out earlier this year by the Information Commissioner’s Office confirmed that the DVLA’s procedures offer high assurance that processes are in place to mitigate the risks of non-compliance with the Data Protection Act.