IT - Unit 7

Lesson 1

Data Protection Act (DPA)- This was set up to protect individuals from organisations. There is a lot of informatino avaliable on individuals and this is collected by many different organisations and government agencies. It is a piece of UK legislation that has been passed to protect your rights as an individual to have your personal data collect, stored and used in a suitable manner.The act limits the data that an organisation can hold to only what they need. It was meant to stop organisations from holding excessive quantities of data on individuals for which they do not have and immediate purpose.

Terms in the DPA:

Personal Data- Any data that relates to a living, identifiable individual. 

Data- Anything that is held which can be said to be part of a record. This covers both manual and computer data. It is also anything that can be processed and stored by a computer.

Processing- Obtaining, recording or holding the information of data. It also covers any operation performed on the data. 

People in the DPA:

Data Subject- This is the living identifiable human being about whom the data is being held. 

Data Controller- This is the individual within the company who is responsible for making sure that all provisions of the DPA are being complied with. 

Data Processor- This is any person (other than the Data controller) who processes the data on behalf of the Data Controller. This is for companies who hire 3rd parties to process their data. Even if it is done by a 3rd party the Data Controller is still responsible that it is within the boundaries of the DPA. 

Reciepient- These are the individuals who are given the data in order to do some form of processing on it. They are usually employees of the Data Controller or are data processors. 

Third Party- This is the person who recieves the data for processing. A company may need to pass on its data to certain people in order to do its job.

Information Commissionar- this is the individual that is responsible for ensuring that the DPA is being adhered to, by giving advice, running training sesesion and investigating complaints. 

Rights of the Data Subject: 

- You are allowed to see what information is being held about you by a company.

- You need to write to the Data Controller and request a copy. 

- You will need to pay an adiministrative charge.

- The company must provide the information to you within a reasonable time after recieving the request. 

Right to prevent processing likely to cause damage or distress:

- If the processing of the data is going to cause damage or distress you can ask them to stop.

The right to prevent processing fo rthe purpose of direct marketing:

- You can request direct advertisement emails stop being sent to you.

Rights in relation to automated decision making:

- Some decisions are taken by a computer. For example Credit checks are made by a computer. You…