Data Protection Act

View mindmap
  • Data Protection Act
    • DPA Terminology
      • Data Processor
        • Someone who accesses, use, and processes personal data as part of their jobs.
      • Data Controller
        • Person who decides what information the organisation needs to collect and what it will be used for.
      • Information Commissioner
        • Person who  has overall responsibility for enforcing the Data Protection Act in the UK.
    • 8 Principles
      • Personal data can be held for specified or lawful purposes only.
      • Personal data should be relevant and not excessive for the required purpose.
      • Personal data should be accurate and kept up-to-date.
      • Personal data should not be kept for longer than is necessary.
      • Data must be processed in accordance with the rights of the data subject.
      • Appropriate security measures must be taken against unauthorised access.
      • Personal data should be obtained and processed fairly and lawfully.
      • Personal data cannot be transferred to countries outside the EU unless the country has similar legislation to the DPA.


No comments have yet been made

Similar ICT resources:

See all ICT resources »See all Acts, Security and Legislation resources »