ICT DPA

?
  • Created by: Louis
  • Created on: 11-12-12 12:29
View mindmap
  • The eight principles
    • Personel data shall be processed fairly and lawfully
      • This means that you should be told about data which is being collected about you and should be asked for your permisions to collect it. You should also be made aware of the reason why the data is being collected and what it will be used for.
    • Personal data can be held only for specified and lawful purposes
      • The data controller has to state why they want to collect and store infomation when they apply to do so. If they use the data they have collected for other purposes, they are breaking the law.
    • Personal data should be adaquate, relevant and not excessive for the required purpose
      • Organisations should only be able to collect the data that they need and no more. Your school nneds to know your parents phone number in case they nned to contact them in an emergency. However, they do not need to know what your grandmothers name is, nor do they need to know your eye colour. they should not ask this as it would be excessive.
    • personel data should be kept accurate and kept up to date
      • Companies should make sure that the facts they recors are the correct facts. the company should comply to change infomation if it is found to be incorrect.
    • Personal data should not be kept longer than necessary
      • Organisations should only keep your infomation for a reasonable length of time. some organisations are allowed to keep your infomation for longer than others
    • Data must be processed in acordance with the rights of the data subject
      • People have the right to inspect infomation that is kept of them, if the data being held is incorreect they have the right to have it changed.
    • Appropriate security measures must be taken against un authorized access
      • This means that infomation must be kept safe from hackers and employees who dont have rights to see it. Data must be sage guarded against accidental loss.
    • Personal data cannot be transferred to countries outside the EU unless the county has similar legislations to the D.P.A
      • This measn that if a company wishes to share data with an organiosation in a different country that country must have similar laws to our data protection act in place.
  • The data controller has to state why they want to collect and store infomation when they apply to do so. If they use the data they have collected for other purposes, they are breaking the law.
  • Companies should make sure that the facts they recors are the correct facts. the company should comply to change infomation if it is found to be incorrect.

Comments

No comments have yet been made

Similar ICT resources:

ICT AS
See all ICT resources »See all Policies, Security and Legislation resources »