Misplaced Pages

Data Protection Act 1998: Difference between revisions

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
Browse history interactively← Previous editNext edit →Content deleted Content addedVisualWikitext
Revision as of 11:35, 21 June 2005 edit212.135.1.185 (talk) Data Protection Principles← Previous edit Revision as of 11:36, 21 June 2005 edit undo-OOPSIE- (talk | contribs)531 edits Data Protection PrinciplesNext edit →
Line 19: Line 19:
# Reasonably securely kept. # Reasonably securely kept.
# Not transferred to any other country without adequate protection in situ. # Not transferred to any other country without adequate protection in situ.
i am here typing this on your website


== See also == == See also ==

Revision as of 11:36, 21 June 2005

The Data Protection Act 1984 (DPA) is a British Act of Parliament that provides a legal basis for the privacy and protection of data of UK citizens and businesses. Data disclosed by a party to another party may only be used for the specific purposes it was disclosed for. The data can only be kept for an appropriate length of time and must not be disclosed to other parties (without consent of data owner). The Act provided for a regulatory authority, the Data Protection Registrar, to oversee implementation of and adherence to the Act. Schools can not keep information about someone after they left school for any longer than ten years

It was followed up by the Data Protection Act 1998, actually an implementation of European Union Directive 95/46/EC which, amongst other measures, expanded the remit of the DPR and renamed the position to the Data Protection Commissioner.

Most recently, the Freedom of Information Act 2000 further expanded the role to include freedom of information and the job title was changed to Information Commissioner.

The UK DPA has a reputation for complexity. While the basic principles are lauded for protecting privacy, interpreting the act is not always simple.

The data protection act covers all personal data in which an organisation may hold e.g. name, DOB, Adress, Phone no. etc.

Data Protection Principles

Personal data must be -

  1. Processed fairly and lawfully.
  2. Obtained for specified and lawful purposes.
  3. Adequate, relevant and not excessive.
  4. Accurate and up to date.
  5. Not kept any longer than necessary.
  6. Processed in accordance with the “data subject’s” (the individual’s) rights.
  7. Reasonably securely kept.
  8. Not transferred to any other country without adequate protection in situ.

See also


External links


Stub icon

This law-related article is a stub. You can help Misplaced Pages by expanding it.

Categories: