1 / 17

DATA PROTECTION ACT 1998

DATA PROTECTION ACT 1998. Why is privacy an important issue?. In recent years there has been a growing fear about the large amount of information about individuals held on computer files.

yetta-leon
Download Presentation

DATA PROTECTION ACT 1998

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DATA PROTECTION ACT 1998

  2. Why is privacy an important issue? In recent years there has been a growing fear about the large amount of information about individuals held on computer files. In particular it was felt that an individual could easily be harmed by the existence of computerised data about him/her which was inaccurate or misleading and which could be transferred to an unauthorised third party at high speed and very little cost.

  3. Why is privacy an important issue? The Data Protection Act 1998 came into force March 2000. • 2 main amendments: • Includes paper based files • Increases individual rights to access

  4. How can the DPA help me? It can help you in two different ways: It gives you the right to see your files It says those who record and use personal information must be open about how the information is used.  It must follow the 8 principles of ‘good information handling’

  5. Why do I need to protect my personal data? Many data controllers have details about us (data subjects) on computers or in paper files. This growth in the use of personal data has many benefits. It also could present problems.

  6. Terms In order to understand the act there are certain technical terms which need to be used: Personaldatais information about a living individual, includingexpressions of opinion about him or her. Data usersare organisations or individuals who control the contents of files of personal data – ie who use personal data which is covered by the terms of the act A Data subjectis an individual who is the subject of personal data

  7. Data Protection Act 1998 principles • Personal data shall be processed fairly and lawfully and must meet at least one condition of Schedule 2. • In the case of sensitive personal data at least one of the conditions of Schedule 3 must be met. • Personal data shall be obtained for one or more specified and lawful purposes and shall not be further processed in any manner incompatible with thatpurpose or purposes.

  8. Schedule 2 conditions • With the consent of the subject • As a result of a contractual agreement • Because of a legal obligation • To protect the vital interests of the subject • Where processing is in the public interest • Where processing is required to exercise official authority

  9. Schedule 3 conditions Sensitive Personal Data • Racial or ethnic origins • Political opinions • Religious beliefs • Trade Union membership • Mental or physical health • Sex life • Alleged commission of offences • Criminal proceedings/record

  10. Main principles of the 1998 Act Personal data must be: • fairly and lawfully processed • processed for limited purposes • adequate, relevant and not excessive • accurate • not kept for longer than is necessary • processed in line with your rights • held securely • not transferred to countries without adequate protection

  11. Main principles of the 1998 Act • Personal data shall be processed in accordance with the rights of the data subject under this act. • Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of or damage to personal data. • Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures that adequate levels of protection for the rights and freedom of data subjects in relation to the processing of personal data

  12. Registration With very few exceptions all data users must register with the Data Protection Register The Data Protection Registrar keeps a register of all data users. • Each entry into the register relates to a data user • A data user cannot hold personal data unless he has registered • Data held must be relevant for a specific purpose

  13. What are my rights? • Everyone has the right to find out what information is held about them either on a database or paper records • Your request should be answered in full, including what and why the information is being held • Exceptions to the rule will be providing you with the information which would affect: • Detection of crimes • Catching or prosecuting offenders • Assessing or collecting taxes or duty • Certain health and social work records

  14. What are my rights? Individuals have the right to find out what information is held about them. To do this they have to apply in writing • The organisation: • Can charge a reasonable fee for this • Must respond within 40 days • Individual who claims data held is inaccurate may apply to a Data Controller to: • Rectify it • Block it • Erase it or • Destroy it

  15. What are my rights? • Individuals have the right to request that: • Incorrect data is corrected • Data is not used for direct marketing if it could cause damage or distress • Decisions made are not based on the automated processing of the data

  16. What are my rights? How to reduce junk mail: (may take up to 4 months) Mail Preference Service, Freepost 22, LONDON W1E 7EZ How to stop cold calls: It has been unlawful since May 1999 to make unsolicited direct marketing calls to people who have said they not wish to take calls. Register with the Telephone Preference service (www.tpsonline.org.uk)

  17. DATA PROTECTION ACT 1998

More Related