Data Protection Act
The Data Protection Act 1998 affects anyone who keeps and processes information about living individuals. The Data Protection Register lists all the people or organisations (known as "data controllers") who keep such information. The Act requires that anybody who processes personal information on individuals, must add themselves to the register.
The Act was created to: a) provide greater rights for those people who have their details stored (i.e. the data subjects), and b) to ensure that data controllers follow sound and proper practices.
The eight principles of the Data Protection Act are:
The Act was created to: a) provide greater rights for those people who have their details stored (i.e. the data subjects), and b) to ensure that data controllers follow sound and proper practices.
The eight principles of the Data Protection Act are:
- The data should be adequate, relevant and not excessive.
- The data held should be accurate.
- The data should be held securely.
- The data should be fairly and lawfully processed.
- The data should be used for limited purposes only.
- The data should not be kept longer than is necessary.
- The data should be processed in accordance with the clients rights.
- The data should not be sent outside the UK to countries who do not have a data protection scheme.