The Data Protection Act
It first became a law in 1984 but was then updated in 1988.
It sets out the rules for collecting, storing and dealing with personal information.
- The rules that the controllers must follow.
- The rights of the individuals whose data it is.
- The exemptions that exist.
The Rules Of The Controllers
Data must be:
- Processed fairly and lawfully.
- Adequate and relevant.
- Not kept longer than needed.
- Kept safe and secure.
- Not transferred toplaces with inadequate security.
- Processed only for it's purpose.
- Processed in line with the individuals rights.
The Rights Of The Individuals
The individuals can see all of the information held about them, however there are some exceptions.
It may affect:
- The detection and prevention of crime.
- Assessing and collecting tax.
- Catching and prosecuting criminals.
- The right to see certain health and social work details.
The individual should write a letter asking for a copy of the information held about them.
The controllers should reply within 40 days, given that proof of identity and fee have been provided.
The Data Protection Commissioner
Is an independent officer that has been appointed by the queen.
They would report directly to parliament.
For their role they would have to:
- Maintain a register of all of the controllers, this would include their names and addresses.
- Consider the complaints from individuals about tbe controllers who have not followed the rules properly.
Exceptions To The Act
They are possible for:
- Maintenance of a public register.
- If it is needed for; staff administration, advertising, marketing, public relations, accounts and records.
- Processing personal data for personal, family or household issues.
- Some non-profit companies.