An overview of the Data Protection Act 1998. Legal framework. The Data Protection Act 1998 came into force in March 2001, replacing the Data Protection Act 1984.
PowerPoint Slideshow about 'An overview of the Data Protection Act 1998' - cliff
An Image/Link below is provided (as is) to download presentation
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
The Data Protection Act 1998 came into force in March 2001, replacing the Data Protection Act 1984.
The EU Data Protection Directive (also known as Directive 95/46/EC) is a directive adopted by the European Union designed to protect the privacy and protection of all personal data collected for or about citizens of the EU, especially as it relates to processing, using, or exchanging such data.
The Data Protection Act is how the UK implements the European Directive.
Right of access – individuals have a right to know what information organisations hold about them on a computer or in certain filing systems. Individuals can submit a Subject Access Request to see or have a copy of this information. This could include their medical record, files kept by public bodies, or financial information held by credit reference agencies.
Right to prevent direct marketing – individuals have the right to object to their personal information being used to target them with unwanted marketing.
Conduct assessments to check organisations are complying with the Act.
Serve information notices requiring organisations to provide the ICO with specified information within a certain time period.
Serve enforcement notices and 'stop now' orders where there has been a breach of the Act, requiring organisations to take (or refrain from taking) specified steps in order to ensure they comply with the law.
The ICO's new power to issue monetary penalties came into force on 6 April 2010, allowing the ICO to serve notices requiring organisations to pay up to £500,000 for serious breaches of the Data Protection Act.
The ICO has produced statutory guidance about how it proposes to exercise this new power, which has been approved by the Secretary of State for Justice.