• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

The Data Protection Act

Extracts from this document...

Introduction

The Data Protection Act contains eight Data Protection Principles. These state that all data must be: - Processed fairly and lawfully - Obtained & used only for specified and lawful purposes - Adequate, relevant and not excessive - Accurate, and where necessary, kept up to date - Kept for no longer than necessary - Processed in accordance with the individuals rights (as defined) - Kept secure - Transferred only to countries that offer adequate data protection The legislation underpinning these principles is extremely complex. It is not suitable for direct devolution to all the (lay) staff/managers who may have responsibility for personal data. Nor does it, on its own, provide a measure of compliance. Hence the need for supporting products and information. Terms and definitions. PERSONAL DATA- In this Act, unless the context otherwise requires- "data" means information which- (a) is being processed by means of equipment operating automatically in response to instructions given for that purpose, (b) is recorded with the intention that it should be processed by means of such equipment, (c) is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system, or (d) does not fall within paragraph (a), (b) or (c) but forms part of an accessible record as defined by section 68; "data controller" means, subject to subsection (4), a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed; "data processor", in relation to personal data, means any person (other than an employee of the data controller) ...read more.

Middle

DATA SUBJECT- References in this Act to the data protection principles are to the principles set out in Part I of Schedule 1. (2) Those principles are to be interpreted in accordance with Part II of Schedule 1. (3) Schedule 2 (which applies to all personal data) and Schedule 3 (which applies only to sensitive personal data) set out conditions applying for the purposes of the first principle; and Schedule 4 sets out cases in which the eighth principle does not apply. (4) Subject to section 27(1), it shall be the duty of a data controller to comply with the data protection principles in relation to all personal data with respect to which he is the data controller. DATA CONTROLLER- Except as otherwise provided by or under section 54, this Act applies to a data controller in respect of any data only if- (a) the data controller is established in the United Kingdom and the data are processed in the context of that establishment, or (b) the data controller is established neither in the United Kingdom nor in any other EEA State but uses equipment in the United Kingdom for processing the data otherwise than for the purposes of transit through the United Kingdom. (2) A data controller falling within subsection (1)(b) must nominate for the purposes of this Act a representative established in the United Kingdom. (3) For the purposes of subsections (1) and (2), each of the following is to be treated as established in the United Kingdom- (a) ...read more.

Conclusion

(2) A notification under this section must specify in accordance with notification regulations- (a) the registrable particulars, and (b) a general description of measures to be taken for the purpose of complying with the seventh data protection principle. (3) Notification regulations made by virtue of subsection (2) may provide for the determination by the Commissioner, in accordance with any requirements of the regulations, of the form in which the registrable particulars and the description mentioned in subsection (2)(b) are to be specified, including in particular the detail required for the purposes of section 16(1)(c), (d), (e) and (f) and subsection (2)(b). (4) Notification regulations may make provision as to the giving of notification- (a) by partnerships, or (b) in other cases where two or more persons are the data controllers in respect of any personal data. (5) The notification must be accompanied by such fee as may be prescribed by fees regulations. (6) Notification regulations may provide for any fee paid under subsection (5) or section 19(4) to be refunded in prescribed circumstances. Exemtions EXEMPTION FROM SECTION 22 19. Processing which was already under way immediately before 24th October 1998 is not assessable processing for the purposes of section 22. Offences Under The Act (1) If section 17(1) is contravened, the data controller is guilty of an offence. (2) Any person who fails to comply with the duty imposed by notification regulations made by virtue of section 20(1) is guilty of an offence. (3) It shall be a defence for a person charged with an offence under subsection (2) to show that he exercised all due diligence to comply with the duty. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our GCSE Legislation & The Legal Framework section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related GCSE Legislation & The Legal Framework essays

  1. Peer reviewed

    The Data Protection Act

    4 star(s)

    It also affects another adult at work. It affects Joanne at work (a music teacher). She keeps many records of information of her students and staff. Due to this she must comply with this Act and make sure she keeps the information protected and kept unreachable to any unauthorised persons.

  2. Data Protection Act

    Ones of those is putting a screen in front of any VDU's. This is so that the workers don't damage their eye from continually looking at a screen. To check that the worker hasn't damaged their eyes they have regular eye tests.

  1. The Data Protection Act 1998 - questions and answers

    employees, what type of information is held, where you intend to get the information from and who you intend to disclose it to. How much does it cost? Registration under the 1984 Act costs �75 for three years. This may change under the 1998 Act as notification is likely to

  2. Privacy and Data Protection: IT Law

    strong human rights approach on the one side, and the UK, Denmark and Ireland, not wanting to go further than the Council's Convention of 1981 on the other side. Heavy lobbying of the banking sector and the medical research sector did not make things easier.14 Not till 1995 did the EU manage to enact the Data Protection Directive.

  1. Data Protection Act

    It was passed in order to protect the rights of individuals who have data relating to them stored on computers file by an organisation or the owner of the data. The rapid development in the use of information and communication technology has led to legislation about the collection, storage, processing and distribution of personal data.

  2. Legal Aspects of Using Information Technology

    For example, if IKEA were to sell products online, which they will start doing soon, whatever the price would be online must be the same as in the shop, so it does not confuse the customer. Selling products online is a good way of advertising products to IKEA customers.

  1. The data protection act

    It is essential to protect your documents and records, the reason being for this is that: if access is gained to your personal records and documents then it can be gathered by the wrong people. These people mainly belong to a company of computer-based productivity, these people are very

  2. Computer Legislation.

    above with intent, to commit an offence to which this section applies; or to facilitate the commission of such an offence (whether by himself or by any other person) * (Section 3)Unauthorised modification of computer material or data. A person is guilty of an offence if the person does any

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work