Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Protection - Rights & Responsibilities Information Commissioner’s Office Orkney Practice Forum 4 th July 2007.

Published byBrianne McDowell Modified over 9 years ago

Similar presentations

Presentation on theme: "Data Protection - Rights & Responsibilities Information Commissioner’s Office Orkney Practice Forum 4 th July 2007."— Presentation transcript:

1 Data Protection - Rights & Responsibilities Information Commissioner’s Office Orkney Practice Forum 4 th July 2007

2 The Data Protection Act 1998 Data Protection Applies to personal information only Covers all organisations Gives individual rights over their information Same Act north and south of the border

3 The Data Protection Act 1998 Relates to personal data (ie, that which can identify an individual) held electronically or in structured manual records Stricter controls over “sensitive personal data” (eg, race/ethnicity, religion, criminal history, medical records) Provides a records management framework

4 The Data Protection Act 1998 Organisations must ensure that data is: “processed” fairly and lawfully and for (a) specified lawful purpose(s) adequate, relevant, not excessive, accurate and kept up to date kept for no longer than is necessary kept secure

5 The Data Protection Act 1998 Organisations must also : Respect the rights of data subjects Organisations must not : Transfer data out of the EEA unless appropriate safeguards exist to protect it

6 The Data Protection Act 1998 Some organisations must : notify the Commissioner of the sources of data, the purposes for which it will be used and the disclosures which may be made of it. £35 annual fee

7 The Data Protection Act 1998 Fair and lawful processing: Data subjects must be told what their data is being used for (fair processing) Conditions allowing processing must be met (lawful processing)

8 The Data Protection Act 1998 Conditions for lawful processing of personal data: Consent Contract Legal obligation Vital interests Public interest Legitimate interest

9 The Data Protection Act 1998 Additional conditions for lawful processing of sensitive personal data: Explicit consent Compliance with employment law Vital interests Not-for-profit organisation Information made publicly available Legal advice Public functions Medical purposes Equal Opps Monitoring

10 The Data Protection Act 1998 Individual rights: Access (Section 7 / Subject Access Request) Prevention of processing causing distress Prevention of direct marketing Prevention of automated decision making Rectification, blocking, erasure, destruction Compensation Request for assessment

11 The Data Protection Act 1998 Offences Unlawfully obtaining or disclosing personal data) Selling of personal data Failure to notify / notify changes Failure to comply with a Notice from the Commissioner

12 Gathering Information

13 Sharing Information

14 Providing information

15 The Data Protection Act 1998 Contact The Information Commissioner’s Office 28 Thistle St EDINBURGH EH2 1 EN 0131 225 6341 scotland@ico.gsi.gov.uk

Download ppt "Data Protection - Rights & Responsibilities Information Commissioner’s Office Orkney Practice Forum 4 th July 2007."

Similar presentations

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
Data Protection Information Management / Jody McKenzie.

Data Protection Information Management / Jody McKenzie.
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
Getting data sharing right for every child

Getting data sharing right for every child
Data Protection.

Data Protection.
DATA PROTECTION and Research University Research Ethics Committee – 08.05.2006 David Cauchi Office of the Data Protection Commissioner.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
Data Protection Data Protection Acts 1988 & 2003 Directive 95/46/EC Privacy.

Data Protection Data Protection Acts 1988 & 2003 Directive 95/46/EC Privacy.
Www.nationalsmartcardproject.org.uk www.scnf.org.uk National Smartcard Project Work Package 8 – Information Law Report.

National Smartcard Project Work Package 8 – Information Law Report.
Data Protection Act 1998. Description The Data Protection Act controls how your personal information can be used and protects from the misuse of your.

Data Protection Act Description The Data Protection Act controls how your personal information can be used and protects from the misuse of your.
DATA PROTECTION AND PATIENT CONFIDENTIALITY IN RESEARCH Nic Drew Data Protection Manager University Hospital of Wales  2074 6677  2074 5626 

DATA PROTECTION AND PATIENT CONFIDENTIALITY IN RESEARCH Nic Drew Data Protection Manager University Hospital of Wales   
Audiences NI Data Protection Workshop

Audiences NI Data Protection Workshop
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview

Data Protection Overview
The Data Protection Act

The Data Protection Act
The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.

The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.
 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.

 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.
The Information Commissioner’s Office David Evans.

The Information Commissioner’s Office David Evans.
Data Protection and You Your Rights & The Law Registration Basics Other Activities Disclaimer: This presentation only provides an introductory info. Please.

Data Protection and You Your Rights & The Law Registration Basics Other Activities Disclaimer: This presentation only provides an introductory info. Please.
The Data Protection Act 1998 The Eight Principles.

The Data Protection Act 1998 The Eight Principles.

Similar presentations

Ads by Google