Data Protection Act

HideShow resource information
View mindmap
  • Data Protection Act
    • Gives rights to data subjects (i.e. people who have data stored about them on a computer)
    • It is important that information is kept private and is only used for its intended purposes.
    • 8 principles of Data Protection Act
      • 1.Personal Data must be processed fairly and lawfully.
        • 2.Personal data shall be obtained only for one or more specified and lawful purposes.
          • 3.Personal data shall be adequate, relevant and not excessive.
            • 4.Personal data shall be accurate and, where necessary, kept up-to-date
              • 5.Personal data shall not be kept for longer than is necessary.
                • 6.Personal data shall be processed in accordance with the rights of the data subjects.
                  • 7.Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental lost.
                    • 8.Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection.
    • Disadvantages of DPA
      • It is argued that it is difficult to enforce.
      • The last principle is hard to enforce because its difficult to track if someone has accessed a web database from another country.
      • It is an extra expense for an organisation 
  • 1.Personal Data must be processed fairly and lawfully.
    • 2.Personal data shall be obtained only for one or more specified and lawful purposes.
      • 3.Personal data shall be adequate, relevant and not excessive.
        • 4.Personal data shall be accurate and, where necessary, kept up-to-date
          • 5.Personal data shall not be kept for longer than is necessary.
            • 6.Personal data shall be processed in accordance with the rights of the data subjects.
              • 7.Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental lost.
                • 8.Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection.

Comments

No comments have yet been made

Similar ICT resources:

See all ICT resources »See all Policies, Security and Legislation resources »