Data Protection Act 1998

The Data Protection Act is a complex act and generally gives individuals the right to know what information is held about them. It provides a framework to ensure that personal information is handled properly.

 Because of it’s complexity we will try to break down to the key areas and understandings and separate this into eight areas.

 The Act works in two ways it states that anyone who processes personal information must comply with the following, to make sure that personal information is:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure
  • Not transferred to other countries without adequate protection

 The second area covered by the Act provides individuals with important rights, including the right to find out what personal information is held on computer and most paper records.

 Those are the eight principals which cover the act and are straight forward to the contents of which they state.

 We could break down the above eight principals and cover them to their contents and try to define them with in the areas of the law.

Data may only be used for the specific purposes for which it was collected.

Data must not be disclosed to other parties without the consent of the individual whom it is about, unless there is legislation or other overriding legitimate reason to share the information. It is an offence for other parties to obtain this personal data without authorization.

Individuals have a right of access to the information held about them, subject to certain exceptions (for example, information held for the prevention or detection of crime).

Personal information may be kept for no longer than is necessary and must be kept up to date.

Personal information may not be sent outside the European Economic Area unless the individual whom it is about has consented or adequate protection is in place, for example by the use of a prescribed form of contract to govern the transmission of the data.

Subject to some exceptions for organizations that only do very simple processing and for domestic use all entities that process personal information must register with the Information Commissioner’s Office.

Entities holding personal information are required to have adequate security measures in place. Those include technical measures (such as firewalls) and organizational measures (such as staff training).

Subjects have the right to have factually incorrect information corrected (note: this does not extend to matters of opinion)

The above information will give you a general background of the the act and as stated above it is a long and sometimes complex Act and certainly need professional advice in all areas if you require a more detailed analysis.

 The reason why Acts and Regulations are placed into this blog about the Paperless Office and systems is that if you have a good understanding of the various Acts and regulations then it will help you to understand how the paperless system and office has to be regulated to meet these needs.

 This blog entry is not intended to provide legal advice. 


About martin smith

A degree in Engineering Management ,who is just trying to make life a bit easier, for anyone who wishes to read these articles. View all posts by martin smith

2 responses to “Data Protection Act 1998

  • Sean Dunne

    The grammar in the above article is appalling.

    • martin smith

      Data Protection Act (Post dated 5/9) Apology

      The comment received was noted

      We have looked at the above post, and are comments are as follows

      An administrative error had occurred with a confusing duplication of paragraphs which made the post difficult to read and understand.

      The actual contents of the post has not changed as we believe is was correct and accurate

      We do take our subject matter very seriously and we welcome any comments even if this may cause any disruption to the blog.

      We have sent this e mail as an apology and as you can appreciate errors do occur and the post was confusing to read.

      We have up dated the post and also sent an apology to all our readers.

      This blog is quite new and has a progressive agenda to the concept of the paperless system so once again we apologise if this has caused any inconvenience to you and we hope you will return to the blog if you so wish

      The comment will be shown complete with this reply

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: