Unit 5 Health Safety and Security P2,M1

The data protection act- the data protection act is legislation put in place to keep personal data confidential. It can promote anti-discriminatory practice as it can stop people finding out information about individuals that the individual wants to stay private. E.g. phone numbers and addresses. These would need to stay private so people don’t find out where you live or what is wrong with you.

The Data Protection Act 1998 is a piece of legislation which defines the law on processing data of people living within the United Kingdom.

Information Commissioner’s Office (2012) Introduction to The Data Protection Act 1998. [Online] Available from: http://www.ico.org.uk/~/media/documents/library/Corporate/Research_and_reports/ico_presentation_EVOC_20120528.ashx [Accessed: 11th October 2013]

The Data Protection Act requires all staff in an organisation to keep their data safe. Including personal data and work data, this needs to be saved in protected storage files.

The data protection act is designed to keep customers information from being used for other things that is not stated by the business, for instants if a customer gives his personal details i.e. credit card details and home address etc. the business must only use the data provided by the consumer just to transfer the money and not be used for any other reasons.

The UK’s Data Protection Act and the General Data Protection Regulations (GDPR) that underpin this legislation is due to become law in May 2018. However, the new legislation is complex so this article is intended to make you aware of some of the Data Protection Act and the General Data Protection Regulations (GDPR) more important implications.

The gathering, use and retention of information by an individual or organisation is regulated in the United Kingdom by the Data Protection Act of 1998. This

The Data Protection Act 1998 defines UK law on the processing of data on identifiable living people. The act contains eight principles, which all organisations processing personal information must conform to, these are:

(6) “Appropriate technical and organizational measures shall be taken against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.” (Key Definitions of The Data Protection Act | ICO, 2015).

Data protection act 1998: The Data Protection Act is a law that websites must follow if they want to handle private information such as email addresses, banking details and phone contact numbers. This act protects your privacy and ensures the companies that you give this information to keep it secure and safe from anyone else.

The main purpose of the Data Protection Act is to give all individual(s) the rights over their personal data and information. The act requires anyone who handles an individual’s personal data to agree with a number of important principles and legal obligations. All individuals are entitled upon making an access request, to be supplied with a copy of any information held about them. The individuals also have the right to challenge the processing of their personal data and to claim compensation if they suffer a loss or damage because of the inaccurate information.

The Privacy Act regulates how personal information is handled. Such information; individuals name, telephone number, medical records, bank account details, signature, date of birth, address and health records. It gives you power over the way your individual information is handled and the Act allows you to; know why your individual information is being composed; or how it will be used and who will be able to access it, ask for access to your information (as well as health information), If the information is incorrect, ask for it to be corrected and to have the option of not identifying yourself.

The Data Protection Act 1998 (DPA) is an Act of Parliament of the United Kingdom of Great Britain and Northern Ireland which defines UK law on the processing of data on identifiable living people. It is the main piece of legislation that governs the protection of personal data in the UK.

Information privacy otherwise known as data privacy or data protection deals with the collection, use and disclosure of personal information (Solove et al. 2006). And from a medical perspective, (Security 2009) clearly defines information privacy as “a person’s right to keep his/her health information from been disclosed without authorization”. This definition can also be applicable to any organization that deals with personal information. To ensure that organizations are privacy compliant, principles such as the Information Privacy Principles (IPP) coiled from the Information Privacy Act 2009 place strict obligation on organizations on the collection, storage, usage and disclosure of personal information. Under these principles, in collecting personal information, an agency must only by lawful means and directly from an individual request only the personal information for purposes directly related to the function of that agency. In securely storing of personal

This act is made to people who don’t want their information given out by other companies. It’s designed to make customers feel safe when using credit/debit cards. This rule is made so customers do not get hassled in any way. Customers get confused to how other companies had got their information and that is because other companies have paid a certain fee out to get those particular persons details. The Data Protection Act is misused by companies all the time because companies want to try and sell their products. This act affects M&S marketing because they want to sell their products as well, so without having a written consent by that person, they are not allowed by law to be selling their products by phone or by any other way.