Unit 23 M2

This act applies to all organisations that process data relating to their staff and customers. It is the main legal framework in UK that protects personal data. The act contains 8 data protection principles which are:

The Data Protection Act 1998 is a piece of legislation which defines the law on processing data of people living within the United Kingdom.

The Data Protection Act states that you must only collect information that you need for a specific purpose and keep it secure, ensure that it is relevant and up to date to guarantee that no changes in medication or health status goes unnoticed or unaccounted

The Data Protection Act 1998 is a piece of legislation that controls how an individual’s personal information is used by organisations, businesses and the government. This Act ensures that HR departments only collect data from individuals is covered by what we are allowed to collect under the Act, relevant and not excessive, we must also be sure that data is not stored for longer than necessary. We must ensure that data is stored securely and confidentially; and that we are open about the reasons why we are collecting and storing the data.

When it comes to data management the need to ensure that all laws that pertain to customer privacy are followed. There are many different laws whether they be federal, state or local laws to ensure that the data that is collected is protected. For example, H.R. 2092 the student digital privacy and parental rights act helps protect

There is likewise an exclusion for individual information if discharging it is in spite of the Data Protection Act.

This legislation is the main piece that governs the protection of an individual’s person data in the UK.

(6) “Appropriate technical and organizational measures shall be taken against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.” (Key Definitions of The Data Protection Act | ICO, 2015).

The Data protection Act 1998 (DPA) is an act of Parliament of the United Kingdom of Great Brittan and Northern Ireland. This defines UK law on the processing of data on identifiable living people. This is the main piece of legislation that governs the protection of personal data in the UK. Even though the act itself

Common law makes provision for a confidential relationship and the duty of confidence. The Data Act 1998 and Human Rights Act 1998 have introduced enforceable rights for service users about how the information they provide is used. The Data Protection Act has restrictions on storing personal data in all formats, written and electronic. The Human Rights Act 1998 emphasises respect for privacy life and strengthens the hand of those advocating increased privacy for the individual. Due to these Acts and the duty of confidentiality there is a potential conflict between protecting the privacy and confidentiality of individuals and protecting the public, and a duty of care to the service

Along with security there is also legislation that help protect users information. These four legislation are :The Data Protection Act 1998,Computer Misuse Act 1990,Copyright Designs and Patents Act 1988 and Disability Discrimination Act 1995.

it is very important to protect this information as this creates a standard that companies must abide by with regard to a person 's personal information. without this act in place,

The infringement of the right to privacy that protected under the DPA 1998 will be regard as “personal data”, which could be the first need to be explored. In Section 1(1) DPA 1998, personal data is defined as data relating to a living identifiable individual. Actually it covers not only digital data but also those data stored on hard copy in filing systems including other certain relevant information. It is important to note that, as to the aspect on the ability to identify an individual, any data held could be determined personal data through partly either the data held itself or other non-critical information, such as any expression of opinion or the assessments

(6) “Appropriate technical and organizational measures shall be taken against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.” (Key Definitions Of The Data Protection Act | ICO, 2015).

Personal data is very sensitive data and would be requiring the high degree of security. It is required that appropriate measures are taken against unauthorized or unlawful processing of personal data and against accidental loss or destruction, or damage to, personal data. Personal data is any information relating to persons, ethnic or racial origin, religious beliefs, Physical or mental health, sexual life, political opinions, trades union membership and criminal offences.