Upload
felicia-miles
View
219
Download
0
Tags:
Embed Size (px)
Citation preview
1AQA ICT AS Level © Nelson Thornes 20081AQA ICT AS Level © Nelson Thornes 2008
Data Protection Act
2AQA ICT AS Level © Nelson Thornes 20082AQA ICT AS Level © Nelson Thornes 2008
The Data Protection Act sets out to protect personal data belonging to living individuals. It is managed by the Information Commission.
There are some exemptions where the act does not apply, for example:
• you cannot demand to see data that might affect national security or that might hinder police investigations into crimes
• you cannot refuse to allow data collected for the electoral roll to be publicly available.
Provisions
3AQA ICT AS Level © Nelson Thornes 20083AQA ICT AS Level © Nelson Thornes 2008
•Data subjects are living, identifiable individuals who have data stored about them, for example, you.•Data users are people who hold data about data subjects, for example, your school or college.•Organisations holding personal data must appoint a Data Controller who is responsible for the way data is used.
Provisions
4AQA ICT AS Level © Nelson Thornes 20084AQA ICT AS Level © Nelson Thornes 2008
Data must be:• Fairly and lawfully processed• Processed for limited purposes• Adequate, relevant and not excessive• Accurate• Not kept longer than necessary• Processed in accordance with your rights• Kept secure• Not transferred abroad without adequate protection• Please click above to see example or skip to
summary
Provisions
5AQA ICT AS Level © Nelson Thornes 20085AQA ICT AS Level © Nelson Thornes 2008
Data subjects must give permission for data to be sold or passed on.
Data is often sold. Companies must have your permission to do this.
Back to menu
Fairly and lawfully processed
6AQA ICT AS Level © Nelson Thornes 20086AQA ICT AS Level © Nelson Thornes 2008
Data must be collected for a particular purpose and permission must be sought from the data subject to use it for anything else. If data is to be passed on the company should inform the Information Commissioner
Back to menu
Processed for limited purposes
7AQA ICT AS Level © Nelson Thornes 20087AQA ICT AS Level © Nelson Thornes 2008
Organisations can only collect data that is actually needed to provide the services they offer.
They must state what data they intend to collect when they register as data users.
For example, you should not be asked for your National Insurance Number by a mail order company.
Back to menu
Adequate, relevant and not excessive
8AQA ICT AS Level © Nelson Thornes 20088AQA ICT AS Level © Nelson Thornes 2008
Financial figures must be accurate. For example, salary level determines the amount that can be borrowed for a mortgage.
That might mean that a person applying for a mortgage might be refused because of the mistake, when the mortgage would normally have been granted.
Back to menu
Accurate
9AQA ICT AS Level © Nelson Thornes 20089AQA ICT AS Level © Nelson Thornes 2008
Back to menu
Organisations must destroy data when it is no longer needed although not necessarily straight away.
School records, for example, are usually kept for five years after a student leaves, even paper ones.
Not kept longer than necessary
10AQA ICT AS Level © Nelson Thornes 200810AQA ICT AS Level © Nelson Thornes 2008
Data subjects have the right to: • see the data held about them• correct inaccurate data• stop data being processed if it is likely to cause
distress• complain to the Information Commissioner if they
think the rules have been broken• claim compensation if they can prove that
damage or distress has been caused by misuse of their data.
Back to menu
Processed in accordance with your rights
11AQA ICT AS Level © Nelson Thornes 200811AQA ICT AS Level © Nelson Thornes 2008
In computer terms this refers to the use of passwords and other security measures such as the encryption of data if sent elsewhere.
Back to menu
Kept secure
12AQA ICT AS Level © Nelson Thornes 200812AQA ICT AS Level © Nelson Thornes 2008
Data can only be transmitted to other countries provided they have laws equivalent to the Data Protection Act. Countries within the EU do have them.
Back to menu
Not transferred abroad without adequate protection
13AQA ICT AS Level © Nelson Thornes 200813AQA ICT AS Level © Nelson Thornes 2008
The Data Protection Act is designed to prevent inappropriate use of data about individuals.
It is overseen by the Information Commissioner.Data users store data about data subjects.Data users must follow the eight Data Protection Principles.
There are some exemptions to the act, such as national security.
Summary