Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Data Protection Act
Transcript of Data Protection Act
Daniel Monte What is it and what is the purpose? Who are the data subjects and what are their rights?
There is two types of personal data; personal and sensitive.
Personal data is about living people and could be their name, address, medical details or banking details. Sensitive personal data is also about living people, but it includes one or more details of a data subject's such as racial groups, health, political opinion or criminal activity. It is a law designed to protect personal data stored on computers or in an organized paper filing system. A data subject is someone who has data about them stored somewhere, outside of their direct control. For example, a bank stores its customers' names, addresses and phone numbers. This makes us all data subjects as there can be few people in the UK who do not feature in computer records somewhere.
• A right to prevent data likely to cause damage or distress;
• A right to prevent personal information beings used; a data subject may stop their information being used to sell them University-related services;
• A right to prevent automatic decisions: a data subject may specify that they do not want staff to make 'automated' decisions, for example via a computer, about them;
• A right of complaint to the Information Commissioner: a data subject can ask for the use of their personal information
• A right to compensation: the data subject is entitled to use the Act to receive compensation, if personal data about them is inaccurate, lost or disclosed without good reason. Types Of Personal Data Data Protection Act 1.Data must be collected and used fairly inside the law.
2.Data must only be held and used for the reasons given to the Information Commissioner.
3.Data can only be used for those purposes and only be disclosed to those people mentioned. You cannot give it away or sell it unless you said you would to begin with.
4.The information held must be adequate, relevant and not excessive when compared with the purpose stated in the register. So you must have enough detail but not too much for the job that you are doing with the data.
5.Data must be accurate and be kept up to date. There is a duty to keep it up to date, for example to change an address when people move.
6.Data must not be kept longer than is necessary for the registered purpose. It is alright to keep information for certain lengths of time but not forever. This rule means that it would be wrong to keep information about past customers longer than a few years at most.
7.The information must be kept safe and secure. This includes keeping the information backed up and away from any un-authorised access. It would be wrong to leave personal data open to be viewed by just anyone.
8.The files may not be transferred outside of the European Economic Area (that's the EU plus some small European countries) unless the country that the data is being sent to has a suitable data protection law. This part of the DPA has led to some countries passing similar laws to allow computer data centres to be located in their area. What is an Information Commissioner? any organization or person who wants to store information must apply to register to the information commissioner.
Each registration must enter;
1. A name and address.
2.A description of the information to be stored.
3.What they are going to use the information for.
4.Whether the controller plans to pass on the information
5.Whether the data controller will transfer the information outside the UK.
6.Details of how the data controller will keep the information safe and secure. The Data Protection Act was created by Parliament to control the way information is handled and to give legal rights to people who have information stored about them. How does the data protection act work? It works in two basic ways.
1.setting up rules that people have to follow
2.having an Information Commissioner
to enforce the rules
However, the data protection act does not stop companies storing information about people. Computer misuse legislation There are many types of misuse in communications on computers
some of these forms are
unauthorised transfer or copyinge.g downloading illegal data
abusing chat rooms-cyber bullying
6. The Eight Principles