The Data Protection Act 1998

Slides:



Advertisements
Similar presentations
Administrative Systems and the Law What you need to know to produce an oral presentation for Unit 7 When the presentations will take place Resources you.
Advertisements

The Data Protection (Jersey) Law 2005.
Legal Implications of ICT. In this section will look at: Legal Implications of ICT: ☼ Data Protection Act 1998 ◦ The 8 Principles, ◦ The Data Subject.
Legislation & ICT By Savannah Inkster. By Savannah Computer Laws 1.Data Protection ActData Protection Act 2.Computer Misuse ActComputer Misuse Act 3.Copyright,
Legislation in ICT.
Data Protection & Freedom of Information The Practical Implications of Data Protection and Freedom of Information Caroline Dominey Data Protection Officer.
University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.
Duncan Woodhouse – Assistant Registrar for Information Security, Risk Management and Business Continuity Helen Wollerton – Administrative Officer (Legal.
Legislation in ICT. Data Protection Act (1998) What is the Data Protection Act (1998) and why was it created? What are the eight principles of the Data.
Data Protection Act.
Data Protection Act Description The Data Protection Act controls how your personal information can be used and protects from the misuse of your.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview
The Data Protection Act
Data Protection Act. Lesson Objectives To understand the data protection act.
 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.
Data Protection for Church of Scotland Congregations
CENTRAL SCOTLAND POLICE Data Protection & Information Security Stuart Macfarlane Information Governance Unit Police Service of Scotland.
The Information Commissioner’s Office David Evans.
Regulation of Personal Information Daniel Pettitt, Leon Sewell and Matthew Pallot.
Health & Social Care Apprenticeships & Diploma
Computers, the law and ethics  Lesson Objective: Understand some of the legal & ethical issues in developing computer systems  Learning Outcome: Know.
Elma Graham. To understand what data protection is To reflect on how data protection affects you To consider how you would safeguard the data of others.
The Data Protection Act 1998 The Eight Principles.
OCR Nationals Level 3 Unit 3.  To understand how the Data Protection Act 1998 relates to the data you will be collecting, storing and processing  To.
Data Protection: An enabler? David Freeland, Senior Policy Officer 23 October 2014.
Data Protection Act AS Module Heathcote Ch. 12.
FatMax Licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 LicenseCreative Commons Attribution-NonCommercial-ShareAlike 2.5.
The Data Protection Act (1998). The Data Protection Act allows you to Check if any organisation keeps information about you on computer or in paper form.
Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.
Processing personal health data: the regulator’s perspective Ken Macdonald Assistant Commissioner Information Commissioner’s Office.
What is personal data? Personal data is data about an individual which they consider to be private.
The Data Protection Act - Confidentiality and Associated Problems.
The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;
BTEC ICT Legal Issues Data Protection Act (1998) Computer Misuse Act (1990) Freedom of Information Act (2000)
Legal issues The Data Protection Act Legal issues What the Act covers The misuse of personal data By organizations and businesses.
Data Protection Property Management Conference. What’s it got to do with me ? As a member of a management committee responsible for Guiding property you.
Data protection This means ensuring that stored data does not get changed, removed or accessed accidentally or by unauthorised people. Data can be corrupted,
The Data Protection Act What the Act covers The misuse of personal data by organisations and businesses.
THE DATA PROTECTION ACT Data Protection Act 1998 DPA 1. Reasons2. People3. Principles 4. Exemptions 4 key points you need to learn/understand/revise.
Data Protection Act The Data Protection Act (DPA) is a balance between rights of the DATA SUBJECT and obligations of the DATA CONTROLLER DATA CONTROLLER.
Data Protection Act (1998).
Computing, Ethics & The Law. The Law Copyright, Designs and Patents Act (1988) Computer Misuse Act (1990) Data Protection Act (1998) (8 Main Principles)
LEGAL IMPLICATION OF THE USE OF COMPUTER Lower Sixth Computing Lesson Prepared by: T.Fina.
DATA PROTECTION ACT INTRODUCTION The Data Protection Act 1998 came into force on the 1 st March It is more far reaching than its predecessor,
GCSE ICT Data and you: The Data Protection Act. Loyalty cards Many companies use loyalty cards to encourage consumers to use their shops and services.
DATA PROTECTION ACT DATA PROTECTION ACT  Gives rights to data subjects (i.e. people who have data stored about them on a computer)  Information.
© University of Reading Lee Shailer 06 June 2016 Data Protection the basics.
Clark Holt Limited (Co. No ), Hardwick House, Prospect Place, Swindon, SN1 3LJ Authorised and regulated by the Solicitors Regulation.
Data protection act. During the second half of the 20th century, businesses, organisations and the government began using computers to store information.
The Data Protection Act 1998
Making the Connection ISO Master Class An Overview.
Data Protection GCSE ICT Mrs N Steventon-2005.
Trevor Ellis Trainee Programmer (1981 – 28 years ago)
Level 2 Diploma in Customer Service
Legislation in ICT.
Data Protection Act.
General Data Protection Regulation
Data Protection Act.
The Data Protection Act 1998
Data Protection Legislation
Data Protection & Freedom of Information- An Introduction
The Data Protection Act & ICT Law
Data Protection Act.
G.D.P.R General Data Protection Regulations
General Data Protection Regulation
Data Protection principles
Identify the laws and guidelines that affect day-to-day use of IT.
General Data Protection Regulations 2018
Legislation in ICT.
Presentation transcript:

The Data Protection Act 1998 © Folens 2008

What it covers The misuse of personal data. Whether stored on an ICT system or not. © Folens 2008

Reasons for its introduction Processing data by ICT systems was made easier and certain misuses started to occur. All Member States in the EEA (European Economic Area) had data protection laws, so in order to conduct business, the UK needed such a law, too. © Folens 2008

Personal data Personal data is: data about an identifiable person; who is living; and is specific to that person. It can include: name, address, date of birth, medical details, credit history, salary, qualifications, religious beliefs, etc. © Folens 2008

What the Data Protection Act does Gives rights to individuals: to find out the personal information stored about them; to have the information corrected if it is wrong. © Folens 2008

The terms used in the Act You will need to be able to define each of the following terms: Personal data – data about a living identifiable person, which is specific to that person. Data subject – the living individual whom the personal information is about. Data controller – the person whose responsibility it is in an organisation to control the way that personal data is processed. Information Commissioner – the person responsible for enforcing the Act. They also promote good practice and make everyone aware of the implications of the Act. © Folens 2008

Processing personal data Under the Data Protection Act processing can mean: data collection recording data carrying out any operation(s) on a set of data. © Folens 2008

Who is in charge of the Data Protection Act? A person called the Information Commissioner is in charge of the Act. The Information Commissioner is also in charge of the Freedom of Information Act. © Folens 2008

The duties of the Information Commissioner To be responsible for two Acts. To run the Information Commissioner’s Office (ICO). To promote good information handling. To investigate complaints. To provide guidelines. To prosecute if necessary. © Folens 2008

Notification Why have notification? The Information Commissioner needs to know that an organisation is processing personal information. Notification involves telling the Information Commissioner what personal data is processed and why it is processed. © Folens 2008

What does notification involve? Giving the name and address details of the data controller. Data details (e.g., medical, employment, credit, etc.). Brief description of reasons for storing personal data. Lists of organisations data could be passed to. © Folens 2008

Exemptions from notification Not all use of personal data has to be notified. There are exemptions from notification. The data subjects would therefore be unable to gain subject access. © Folens 2008

Exemptions from notification Where data is used for personal, family or household use. Where the data is used for preparing text (e.g., references). Where the data is being used for the calculation of pay or pensions. Where data is being used for mailing lists provided only name and address details are stored. © Folens 2008

Subject access Subjects are able to see information held. Purpose is to let them check it is correct. If information is wrong they can either: have the right to compensation if they have incurred loss or injury as a result. have the right to have the information changed or deleted. © Folens 2008

Exemptions from subject access Some data where subject access could be refused: Data used for the prevention or detection of crime. Data used for the apprehension or prosecution of offenders. Data used for the assessment or collection of tax or duty. © Folens 2008

How come organisations are able to pass personal information to others? Consent – a data subject can give permission for data to be passed to others. Often there is a box on a form which can be ticked to prevent this. Unless you tick this (and most people don’t) you have given permission. © Folens 2008

The Data Protection Principles The Data Protection Act 1998 contains 8 Data Protection Principles. Anyone processing personal information has to process data according to these principles. © Folens 2008

Personal data shall be processed fairly and lawfully. Principle 1 Personal data shall be processed fairly and lawfully. © Folens 2008

Principle 2 Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes. © Folens 2008

Principle 3 Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed. © Folens 2008

Personal data shall be accurate and, where necessary, kept up to date. Principle 4 Personal data shall be accurate and, where necessary, kept up to date. © Folens 2008

Principle 5 Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes. © Folens 2008

Principle 6 Personal data shall be processed in accordance with the rights of data subjects under this Act. © Folens 2008

Principle 7 Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. © Folens 2008

Principle 8 Personal data shall not be transferred to a country or territory outside the European Economic Area (EEA) unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data. © Folens 2008