The purpose of this Code of Data Matching Practice is to help ensure that the Commission and its staff, auditors and all persons and bodies involved in data matching exercises comply with the law, especially the provisions of the Data Protection Act 1998, and to promote good practice in data matching.
It includes guidance on the notification process for letting individuals know why their data is matched and by whom, the standards that apply and where to find further information.
The Serious Crime Act 2007 gives the Audit Commission new statutory powers to conduct data matching exercises by inserting a new Part 2A into the Audit Commission Act 1998.
The legislation requires the Commission to prepare a code of practice to govern its data matching exercises, and to consult with the Information Commissioner and others over it before approving and laying it before Parliament.
A draft Code of Data Matching Practice 2008 was issued for consultation with any comments requested to be returned to the Audit Commission by 30 May 2008. A list of those organisations to whom the consultation document was sent to is available below. The consultation process has now been completed and the Audit Commission's overall Response to Consultation is also available below.
The Code has now been finalised, published and was laid before Parliament on 21 July 2008 and replaces the previous Code published by the Commission in 2006. A copy of the Code is available below.