• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
Page
  1. 1
    1
  2. 2
    2
  3. 3
    3
  4. 4
    4
  5. 5
    5
  6. 6
    6
  7. 7
    7
  8. 8
    8
  9. 9
    9
  10. 10
    10
  11. 11
    11
  12. 12
    12
  13. 13
    13
  14. 14
    14
  15. 15
    15
  16. 16
    16
  17. 17
    17
  18. 18
    18
  19. 19
    19
  20. 20
    20
  21. 21
    21
  22. 22
    22
  23. 23
    23
  24. 24
    24
  25. 25
    25
  26. 26
    26
  27. 27
    27
  28. 28
    28
  29. 29
    29
  30. 30
    30
  31. 31
    31
  • Level: GCSE
  • Subject: ICT
  • Word count: 7021

Data Protection Act

Extracts from this document...

Introduction

Semester Two Lecturer: Stuart Merrick Contents Pages - Introduction 4 - Executive Summary 4 - Analysis - Subheadings - 5-24 1.0 Question 1: 5-14 What is Data Protection Act (1998) and eight essential principles 1.1 First Principle 7 1.1.1 Conditions for processing (Schedule 2 of the Act) 8 1.1.2 Conditions of processing sensitive personal data 8 (Schedule 3 of the Act) 1.1.3 The fair Processing requirements 9 (Schedule 1 Part II paragraph 1 to 4) Paragraph 1 1.1.4 Paragraph 2 and 3 - Information to be provided to date 9 subject 2.1 Second Principle 10 3.1 Third Principle 10 4.1 Fourth Principle 11 5.1 Fifth Principle 12 6.1 Sixth Principle 12 7.1 Seventh Principle 13 8.1 Eighth Principle 14 1.2 Question 2: 15-17 Freedom of information Act (2000) 1.2.1 What is a Publication Scheme 16 1.2.2 What new rights will the public have 17 1.3 Question 3: Privacy and Electronic Communication (EC Directive) Regulation 2003 18-20 1.4 Question 4: Privacy / Security of Medical Records 20-24 - Conclusion 25 - Bibliography Question 1: Data Protection Act (1998) and eight essential principles 26 Question 2: Freedom of information Act (2000) 28 Question 3: Privacy and Electronic Communication (EC Directive) Regulation 2003 29 Question 4: Privacy / Security of Medical Records 29-31 Introduction For my module computing I have to find research and produce detailed report on freedom of information and the need for security. The information commissioner's office enforces and oversees the Data Protection Act 1998 and the Freedom of Information Act 2000. I need to read and understand knowledge respecting private lives of individuals and encourage the openness and accountability of public authorities. In the report my aims and objectives will be to cover the following aspects: - What is Data Protection Act 1998 and identify and describe 8 principles. - What is the Freedom Information Act 2000 and how does it build on the Data Protection Act - Privacy and Electronic Communication (EC Directive) Regulation 2003 came into force 11th December 2003. ...read more.

Middle

- Failing to comply with right to require data controller to rectify, block, erase or destroy inaccurate or incomplete data or cease holding such data in a way with incompatible with data controller's legitimate purpose. Personal data cannot be used or disclosed in any manner which is incompatible with the purpose of which it is held. 7.1 Seventh Principle "Appropriate technical and organizational measures shall be taken against unauthorized or lawful processing of personal data and against accidental loss or destruction of or damage to 'personal data'" The act gives some further guidance on matters which should be taken into account in deciding whether security measures are 'appropriate'. These are as follow - Taking in account the state of technological development at any time and the cost of implementing any measures, the measures must ensure a level of security appropriate to: harm that might result from a breach of security and the nature of the data to be protected. - The data controller must take reasonable steps to ensure the reliability of staff having access to the personal data. It is encouraged to consider the use of privacy enhancing techniques as part of their obligations under Seventh Principle. The Principle relates to the security of the processing as a whole and the measures to be taken by data controllers to provide security against any breaches of the Act rather than just breaches of security. Appropriate technical and organisation measures shall be taken against unauthorised access or lawful processing of personal data and against accidental loss, disclosure or destruction of, damage to personal data. Organisation holding personal data should consider physical factors, such as controlling access to the data banks and taking precautions against fire or natural disaster to the building or room. Also consider trustworthiness of staff and have measures of staff breaches including security measures and password on computer. 8.1 Eighth Principles "Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ...read more.

Conclusion

Tripwire & controls over loading of uncertified software Systems vulnerability analysis tools Detect unintended system vulnerabilities SATAN, crack, National Computer Security Association Table 2: Disclosure threats to security technologies Threats Principles Countermeasures Insider abuse Accidental disclosures Insider curiosity Insider subornation Secondary Users Outsider intrusion Education, alerts, reminder Education, authentication, authorization, audit trail, rights management tools (future possibility) Same above Rights management tools (future possibility) All available obstacles and system management precautions Table 2 above shows the disclosures of threats to available tools. The threats of medical records on information can cause. Security and privacy of medical records is a 'people's problem'. Technology can ensure that the personnel access information have a right and need to know, and that information gets from one place to another accurately and securely. Technology can do very little to ensure the person receiving the information will handle it according to confidentiality standards. It depends on ethics and an affective supervisory and legal structure that provide sanctions against detected misuse. In the real world information systems will always be vulnerable. Conclusion Everybody should be entitled to keep their private business and information to themselves unless they give their consent. Most major advances in technology also entail unintended consequences. Computerised records have enabled healthcare providers to efficiently gather and evaluate medical information via modern database and database enabled technologies the potential misuse of this information has also increased. The principle for fair use of information has been agreed upon for at least 25 years. The most fundamental principles of fair use of information are that no secondary use of medical information should take place unless authorised by the patient.1 Medical records on computers security art in various countries but of the complex interplay between human, political, technical aspects. 16 Technology can be a great help for professionals in the interest of their patients but several occasions absolute guarantees of confidentiality are difficult to assure once the information is in the system. 17All patients have a right to be treated justly. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our GCSE Legislation & The Legal Framework section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related GCSE Legislation & The Legal Framework essays

  1. Peer reviewed

    The Data Protection Act

    4 star(s)

    She keeps information about student's progress which is confidential between her and her each of her students. For example she must make she that she protects this information from falling into the wrong hands (i.e. into other students hands so that they are able to compare reports).

  2. The Data Protection Act 1998 - questions and answers

    If you want to process personal data you must be registered with the Data Protection Commissioner. Registration (which will be called notification under the 1998 Act) is a simple procedure. You call the Commissioner's hotline on 01625 545745, state the name and address of your business and the nature of your business.

  1. Discussing legislation - Data Protection act, Copyright, Computer Misuse, Health and Safety at Work ...

    Data must be accurate and kept up to date where necessary 5. Data should not be kept for longer than is necessary for the specified purpose 6. Data processing should meet the legal rights of the data subjects 7. Data holders should protect the data against loss, theft or corruption

  2. Critically evaluate the extent to which it can be said that copyright law gives ...

    There was a suggestion in this case that perhaps it was a collage contrary to section (a) that falls under the extensive meaning of graphic work. It was decided however that it could not form a collage as the work was merely temporary and was not a collection of objects stuck together.

  1. The following report will compare differences between internal and external information sources relevant to ...

    The legal information would help provide guidelines as to what the money could actually be used for. Educational Organisation Internal An educational organisation e.g. (College), gathers many forms of internal data, like for instance, statistical data on performance e.g. * Examination pass rates (Statistical)

  2. Data Protection Act

    your child and that we are sending this to the school database. This sheet would be used to find out things like medical reasons and contact numbers. The school will need to send out copies of this sheet to ensure that it is correct.

  1. The Legislations That Protect Individuals and Groups Form Misuse of ICT

    It could be improved by applying strong sentences for those caught disobeying this law, or re-write the law so that people are not able to overcome the law by words which have many definitions.

  2. Leaflet design for Finding Nemo.

    I also searched for 'Finding Nemo' to get information on the film. This time I didn't click on images, as I just wanted information and just pictures. The result is it comes with a list of websites and not images.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work