
Principle #6: Personal data shall be processed in accordance with the rights of data subjects

Principle #7: Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

Principle #8: Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data

In particular, to comply with this principle you will need to:

  • design and organise your security to fit the nature of the personal data you hold and the harm that may result from a security breach
  • be clear about who in your organisation is responsible for ensuring information security
  • make sure you have the right physical and technical security, backed up by robust policies and procedures and reliable, well-trained staff
  • be ready to respond to any breach of security swiftly and effectively

The rights of individuals that it refers to are:

  • a right of access to a copy of the information comprised in their personal data
  • a right to object to processing that is likely to cause or is causing damage or distress
  • a right to prevent processing for direct marketing
  • a right to object to decisions being taken by automated means
  • a right in certain circumstances to have inaccurate personal data rectified, blocked, erased or destroyed
  • a right to claim compensation for damages caused by a breach of the Act.

If you are considering sending personal data outside the EEA, work through the following checklist to help you decide if the eighth principle applies and, if so, how to comply with it to make a transfer.

Alex G

The 8 Principles of the Data Protection Act and The Computer Misuse Act

Principle #5: Personal data processed for any purpose shall not be kept for longer than is necessary

Principle #4: Personal Data shall be accurate and where necessary, kept up to date

You need to:

  • review the length of time you keep personal data
  • consider the purposes you hold this information for when deciding whether to retain it
  • securely delete information that is no longer needed or relevant to said purpose
  • update, archive or securely delete information if it goes out of date.

To comply with this principle you should:

  • take reasonable steps to ensure the accuracy of any personal data you obtain
  • ensure that the source of any personal data is clear
  • carefully consider any challenges to the accuracy of the information
  • consider whether it is necessary to update information.

The Data Protection Act Principles

The Computer Misuse Act

The Computer Misuse Act was introduced in 1990 to prevent many different computer-related problems.

The main purpose of the principles is to protect the interests of the individuals whose personal data is being processed. They apply to everything you do with personal data, except where you are entitled to an exemption.

These problems included:

  • Hacking
  • Data misuse
  • Pornography
  • Email and Chatroom abuse
  • Identity Theft
  • Financial theft
  • Viruses

Principle #2: Personal data must be obtained only for one or more specified and lawful purposes

Attempts to stop data misuse have come through this Act, the Data Protection Act and copyright law.

Principle #1: Personal data must be processed fairly and lawfully

The Data Protection Act says that 'Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless - at least one of the conditions in Schedule 2 is met, and - in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.'

Principle #3: Personal data shall be adequate, relevant and not excessive.

The Data Protection Act states that personal data should be obtained only for one or more specified and lawful purposes, and should not be further processed in any manner incompatible with said purposes.

In practice, it means that you must:

- Have legitimate grounds for collecting and using the personal data

- Not use the data in ways that have unjustified adverse effects on the individuals concerned

- Be transparent about how you intend to use the data

In practice you should ensure that:

  • you hold personal data about an individual that is sufficient for the purpose you are holding it for in relation to that individual.
  • you do not hold more information than you need for that purpose.

So you should identify the minimal amount of data you require to fulfill your purpose.
