Data Protection Act 1998
This legislation protects people’s data and information stored on databases. Data subjects are people whose personal data is stored, the rights given to data subjects are: right of subject access, right of correction, right to prevent distress, right to prevent direct marketing, right to prevent automatic decisions, right of compliant to the information commissioner and right to compensation.
The eight principles of the data protection act that companies need to adhere to are:
1. used lawfully and fairly
2. used for specified purposes
3. used inadequately or excessively
4. used accurately
5. not kept longer than necessary
6. handled according to data subject’s data protection rights
7. ensure safety and security of data
8. ensure adequate protection if transferred outside the European Economic Area when companies want to use personal data and share data with third parties they have to ask permission from the person whose data they wish to use. On e-commerce sites they can do this by presenting tick boxes when a user enters their details.
Computer Misuse Act 1990
This act was introduced to deal with problems caused by hacking. It helps organisations deal with hacking by making the following offences: unauthorised access to computer material, unauthorised access with the intent of facilitating or committing a crime, unauthorised modification of computer material, and supplying, making or obtaining anything that can be used computer misuse crimes.
Data Protection Act 1998, Freedom of Information Act 2000, Health and Social Care Act 2008, and Human Rights Act 1998
Data Protection Act 1998 – gives individuals the right to know what information is held about them, and those that processes personal information must comply with eight principles, which makes sure that personal information is fairly and lawfully processed; processed for limited purposes; adequate, relevant and not excessive; accurate and up to date; not kept for longer than is necessary; processed in line with your rights; secure; not transferred to other countries without adequate protection;
Identify relevant legal requirements and procedures covering confidentiality data protection and the disclosure of information.
given extra safeguards for sensitive information – e.g. ethnicity, political views, religion, health or criminal records
Confidentiality applies to the children act in many ways it protects children and young peoples information from being put into the wrong hands although the children act does state that the person can obtain the information being held themselves as because of data protection you have the right to access your own files.
The data protection act- the data protection act is legislation put in place to keep personal data confidential. It can promote anti-discriminatory practice as it can stop people finding out information about individuals that the individual wants to stay private. E.g. phone numbers and addresses. These would need to stay private so people don’t find out where you live or what is wrong with you.
The Data Protection Act 1998 is a piece of legislation which defines the law on processing data of people living within the United Kingdom.
Data protection is a very important piece of legislation that was brought into power in 1998, because it has been designed to prevent confidential and personal information being passed on to other people and any relevant companies without a person’s consent. This also means that any information that is stored of children should be kept in either a password protected or lockable location.
covers correct storage and sharing of both manual and electronic information. There are eight principles put in place by the Data Protection Act 1998 to make sure that information is handled properly:
Information Commissioner’s Office (2012) Introduction to The Data Protection Act 1998. [Online] Available from: http://www.ico.org.uk/~/media/documents/library/Corporate/Research_and_reports/ico_presentation_EVOC_20120528.ashx [Accessed: 11th October 2013]
* Processed in line with the rights of individuals - this includes the right to be informed of all the information held about them, to prevent processing of their personal information for marketing purposes, and to compensation if they can prove they have been damaged by a data controller's non-compliance with the Act.
Write down the 8 principles of practice covering confidentiality from the Data Protection Act 1998.
This act was introduced to prevent users hacking. This also stops them entering a computer, programs or files without authorisation, this act is in place to prevent users to use the internet without permission to cause an act of crime and also prevents unauthorised modifications to a computer. This act does not allow any attacks on a server as this is illegal.
This act applies to all organisations that process data relating to their staff and customers. It is the main legal framework in UK that protects personal data. The act contains 8 data protection principles which are: