Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Data Protection act 1998
Transcript of Data Protection act 1998
By Marc Dryburgh and Steven Whitelaw
The 8 Principles Continued
- Personal data shall be accurate and, where necessary, kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
- Personal data shall be processed in accordance with the rights of data subjects under this Act.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
- Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
The 8 Principles
- Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless at least one of the conditions in Schedule 2 is met and in the case of sensitive personal data, at least one of the conditions set out in Schedule 3 or either of the two Statutory Instruments below is met. Statutory Instrument 417/2000
Statutory Instrument 2905/2002
- Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
The data Protection act 1998 was created to protect peoples personal and sensitive data from hackers and people who wish to gain access to and/or expose said information
The 1998 Act replaced and consolidated earlier legislation such as the Data Protection Act 1984 and the Access to Personal Files Act 1987. At the same time it aimed to implement the European Data Protection Directive. In some aspects, notably electronic communication and marketing, it has been refined by subsequent legislation for legal reasons. The Privacy and Electronic Communications (EC Directive) Regulations 2003 altered the consent requirement for most electronic marketing to "positive consent" such as an opt in box. Exemptions remain for the marketing of "similar products and services" to existing customers and enquirers, which can still be permissioned on an opt out basis.
During the second half of the 20th century, businesses, organisations and the government began using computers to store information about their customers, clients and staff in databases. For example: names, addresses and contact information.
Databases are easily accessed, searched and edited. It’s also far easier to cross reference information stored in two or more databases than if the records were paper-based. The computers on which databases resided were often networked. This allowed for organisation-wide access to databases and offered an easy way to share information with other organisations.
Press the -> key