- Created by: AmyBirch01
- Created on: 07-11-17 17:28
Data Protection Act - 1998
- Define what companies can do with data that can identify a living person.
- 8 parts - make it harder for companies to use data for the wrong purpose.
- Covers collection, holding and use of data.
- Companies that hold data must adhere to the act or they are breaking the law.
- Must sign up to the Information Commissioners Office
The Eight Parts
Data must be kept secure:
- Main aim.
- Ensures user safety.
- Companies must protect data.
- Take precautions
- If data is stolen, the person from the company responsible for data protection will be arrested and taken to court.
Data Stored Must be Relevent and not Excessive:
- Only hold relevent data to company porpuse.
- Cannot hold inappropriate data - variation between companies.
Data stored must be Kept no Longer than Necessary:
- only need to hold data for certain amounts of time - variation between companies.
- Not neccessary for data to be kept for years after someone has stopped using the service.
Data must be Accurate and Up to Date:
- Must be up to date e.g. new address when move house.
- Postal or online serveys.
- Down to the client to ensure data is udated whenn change occurs.
Data must be Obtained and Processed Lawfully:
- Ensure data is not collected illegally.
- Puts restraints on how data can be collected and processed.
- If data is attempted to be obtained illegally - company will be prosecuted.
Data must be Obtained and Specified for Lawful Purposes:
- When data is collected it must be clear what it is for.
- Individual can refuse.
- Company must be specific
Data must be…