Data Protection
OAC is a registered Data Controller under the Data Protection Act 1998. OAC is responsible for the observance of the Data Protection Principles and for the procedural and monitoring arrangements within OAC for compliance with all the requirements.
The personal data held by OAC falls into several categories and the main ones are:
- staff and associates of OAC as well as possible recruits and past staff;
- staff of businesses with whom OAC has dealings such as suppliers, business clients, trade bodies, professional advisers and regulatory organisations; and
- individuals who hold investments, and other individuals whose investment and insurance needs are analysed by OAC in the course of its business as a professional firm.
As a respected professional firm, OAC must ensure that it has adequate information about its staff to meet the reasonable expectations of its clients and regulators as well as legal, statutory and insurance requirements. This may involve holding some sensitive personal data, namely details of offences committed or alleged to have been committed by any staff member. OAC also invites its staff to provide, voluntarily, any personal details which they would like OAC and its staff to be aware of where this would be relevant to business and personal relationships; at the staff member’s option this could include, for example, religious beliefs or disabilities.
Where staff of businesses with whom OAC has dealings are concerned, OAC’s needs are merely to hold contact details including details of the positions held by the different people with whom it may need to have dealings. Processing of these details is limited to contact purposes such as mailing lists for newsletters or determining who needs to be contacted for a particular purpose. Where OAC has electronic network links with individuals at another business OAC needs to hold information required to administer the network operations.
OAC provides highly structured private electronic network facilities for its staff and many of the businesses with whom it has dealings in order to facilitate the conduct of its business. Large volumes of data and messages pass over this network. OAC monitors the data and message traffic in the capacity of a network administrator as well as in the capacity of operator of its own business and as an employer. OAC aims to make it clear to all those individuals affected what roles it carries out in the operation of the network.
When OAC provides professional services to an individual who holds investments, or to an individual whose investment and insurance needs are analysed by OAC in the course of its business as a professional firm, the only data OAC obtains is that required to provide the requested service. The data will be obtained from the individual directly or from elsewhere at the specific request of the individual. Depending on the professional services which may be required, the personal data may include sensitive personal data such as state of physical health.
Because of the nature of the professional services which OAC provides, OAC needs to hold personal data about many individuals who are not clients of OAC, sometimes without the knowledge of the individual. This can include some sensitive personal data. This situation arises because OAC provides professional services to independent financial advisers, insurance companies, regulators, solicitors, courts of law and others who in the course of their business need to consider the holdings of investments and investment and insurance needs of individuals, sometimes on the instructions of the individual but sometimes in an adversarial, monitoring or other capacity. In the course of operating its business OAC is passed personal data to process. To quote some examples to indicate the range of possibilities, OAC may advise a regulator who has drawn a sample from the client list of an independent financial adviser and wishes OAC to determine whether suitable advice was given to the clients by the independent financial adviser, or an individual may be seeking financial provision from an ex-spouse and OAC is instructed by the individual’s Solicitor to advise on the value of the pension benefits of the ex-spouse.
When personal data is provided to OAC in the context of OAC providing a professional service in one of the ways described above, OAC adheres to professional standards of using the personal data only for the purpose for which it is provided. This facilitates adherence to several of the Data Protection Principles. Where OAC gathers information required for the purposes of the professional services it is providing, it gathers only relevant information. Frequently OAC is provided with a set of personal data and is required, as part of its professional services, to determine which data is relevant and which is not for the purposes of the professional services it is providing. In that event OAC makes use only of the relevant personal data. Frequently OAC has no control over whether data is up-to-date, and frequently OAC is required to use historical personal data. OAC adheres to normal professional standards in using relevant personal data, and where the personal data is required to be up-to-date OAC uses up-to-date personal data. Because of the nature of its professional services, OAC normally needs to keep indefinitely all personal data which it has used, or which has been submitted to OAC and which OAC has decided not to use, in order to be able to demonstrate at any time the validity of the professional services which OAC has provided.
In practical terms OAC focuses pro-actively on five main aspects of compliance with the Data Protection Act. First, it notifies its use of data to the Information Commissioner. Second, it tries to deal only with reputable organisations and where there might be any grounds for suspicion OAC is alert to avoid being involved in what might be improper use of personal data. Third, OAC seeks to adopt safe and accepted best practice in its administration of electronic network operation and keeps up-to-date with technical developments and emerging risks to network integrity. Fourth, OAC monitors the systems and data that it holds, and the access to and use of that data by its staff in order to ensure that there is no misuse and that data is not put at risk. Fifth, OAC ensures as an automatic element of its professional work that such work does not involve automated decision-taking without appropriate human involvement at an appropriate professional level.
The seventh data protection principle requires appropriate technical and organisational measures to be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. OAC complies by a combination of operating highly structured data storage and handling arrangements and extensive continuous monitoring of those systems. Loss of personal data in the sense of data being released outside OAC is controlled by very restricted copying of personal data to paper and tight control over access to electronic systems at all points.
Accidental loss of personal data in the sense that OAC no longer has access to the data, or that the data has been damaged, is controlled by use of reliable software, constant monitoring of data integrity and backup arrangements.
OAC employs staff in the United Kingdom and overseas. Overseas staff are employees of the United Kingdom business and personal data passed to them is subject to the controls applied to United Kingdom employees. The Office of the Information Commissioner has advised OAC that data passed to an OAC employee for processing is not considered to have been transferred to another country.
OAC makes information about Data Protection legislation available to its employees so that they are aware of OAC’s approach.
OAC is ready to provide access to personal data which it holds, on request, subject to checking that the personal data may legally be provided where it was provided to OAC in the course of adversarial proceedings or under regulatory monitoring arrangements.
This statement is intended to provide an overview of OAC’s compliance with its obligations under the Data Protection Act 1998. The Information Commissioner has stated that it is to be expected that there will be some difficulties in understanding and applying the new rules and that further detailed guidance is still to be issued. OAC will monitor its compliance and be prepared to take further steps as necessary to ensure continued compliance.