SlideShare une entreprise Scribd logo

The Data Protection Act

S
SaimaRafiq
Technologie
1  sur  15
The Data Protection Act 1998
Why the Data Protection Act was developed? ,[object Object]
lay down rules about “how data about people can be used?”The Data Protection Act (1998) states that organizations which store personal information must register and state the purpose for which they need the information.
The data protection act covers: Information or data stored on a computer or an organized paper filing system about living people in different departments such as: Tax Office Doctor / Dentist National Insurance DVLC(Driver and Vehicle Licensing Centre) Police etc
How the Act works (basics): by setting up rules that people have to follow having an Information Commissioner to enforce the rules It does not stop companies storing information about people. It just makes them follow rules.
Who's involved? The Information Commissioner , the person (and her office) who has powers to enforce the Act. A data controller , a person or company that collects and keeps data about people. A data subjectis someone who has data about them stored somewhere, outside their direct control.
Registration with the Information Commissioner Any organization or person who needs to store personal information must apply to register with the Information Commissioner. A register of data controllers is kept detailing the data that will be stored so they have to say in advance what information will be stored and how they will use it. Each register entry contains the following information: The data controller's name and address. A description of the information to be stored. What they are going to use the information for. Whether the data controller plans to pass on the information to other people or organizations. Whether the data controller will transfer the information outside the UK. Details of how the data controller will keep the information safe and secure.
Personal data and information Some data and information stored on computer disks is personal and needs to be kept confidential. Such as pay, bank details, and medical records. If someone who is not entitled to see these details can obtain access without permission it is unauthorized access. The Data Protection Act sets up rules to prevent this kind of unauthorized access to personal data and information.
Types of Personal Data The Act sets up two types of personal data: Personal data is about living people and could be: their name address medical details or banking details 'Sensitive' personal data is also about living people, but it includes one or more details of a data subject's: racial or ethnic origin political opinions religion membership of a trade union health sexual life criminal activity There are more safeguards about sensitive data than ordinary personal data. Usually, a person must be asked specifically if sensitive data can be kept.
Responsibilities of data controllers All data controllers must keep to the Eight Principles of Data Protection. a data controller is the nominated person in a company who applies to the data commissioner for permission to store and use personal data.
The Eight Principles For the personal data that controllers store and process: Data must be kept secure; Data stored must be relevant; Data stored must be kept no longer than necessary; Data stored must be kept accurate and up-to-date; Data must be obtained and processed lawfully; Data must be processed within the data subject rights; Data must be obtained and specified for lawful purposes; Data must not be transferred to countries without adequate data protection laws.
The rights of data subjects People whose personal data is stored are called data subjects. The Act sets up rights for people who have data kept about them.
Peoples' rights A Right of Subject Access A data subject has a right to be supplied by a data controller with the personal data held about him or her. The data controller can charge for this: usually a few pounds. A Right of Correction A data subject may force a data controller to correct any mistakes in the data held about them. A Right to Prevent Distress A data subject may prevent the use of information if it would be likely to cause them distress. A Right to Prevent Direct Marketing A data subject may stop their data being used in attempts to sell them things (eg by junk mail or cold telephone calls.) A Right to Prevent Automatic Decisions A data subject may specify that they do not want a data user to make "automated" decisions about them where, through points scoring, a computer decides on, for example, a loan application. A Right of Complaint to the Information Commissioner A data subject can ask for the use of their personal data to be reviewed by the Information Commissioner who can enforce a ruling using the Act. The Commissioner may inspect a controller's computers to help in the investigation. A Right to Compensation The data subject is entitled to use the law to get compensation for damage caused ("damages") if personal data about them is inaccurate, lost, or disclosed.
What data is exempt from the Act? There are some complete exemptions and some partial exemptions where personal data is not covered by the 1998 Act.
Complete exemptions Any personal data that is held for a national security reason is not covered. Personal data held for domestic purposes only at home, eg a list of your friends' names, birthdays and addresses does not have to keep to the rules.

Recommandé

Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Actmrmwood
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)Extentia Information Technology
 
GDPR infographic
GDPR infographicGDPR infographic
GDPR infographicMarketing Team at Crown Worldwide Group
 
Data Privacy & Security
Data Privacy & SecurityData Privacy & Security
Data Privacy & SecurityEryk Budi Pratama
 
GDPR
GDPRGDPR
GDPRGopi PD
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection RegulationBCC - Solutions for IBM Collaboration Software
 

Recommandé

Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Actmrmwood
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)Extentia Information Technology
 
GDPR infographic
GDPR infographicGDPR infographic
GDPR infographicMarketing Team at Crown Worldwide Group
 
Data Privacy & Security
Data Privacy & SecurityData Privacy & Security
Data Privacy & SecurityEryk Budi Pratama
 
GDPR
GDPRGDPR
GDPRGopi PD
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection RegulationBCC - Solutions for IBM Collaboration Software
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
 
Data Protection Presentation
Data Protection PresentationData Protection Presentation
Data Protection PresentationIBM Business Insight
 
Data Protection and Privacy
Data Protection and PrivacyData Protection and Privacy
Data Protection and PrivacyVertex Holdings
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data SecurityWilmerHale
 
Data protection
Data protectionData protection
Data protectionRaviPrashant5
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdfPriyanka Aash
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy IntroductionG Prachi
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationVicky Dallas
 
GDPR Demystified
GDPR DemystifiedGDPR Demystified
GDPR DemystifiedSPIN Chennai
 
Data protection
Data protectionData protection
Data protectionLewis Silkin
 
Data & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny LeroyData & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny LeroyThoughtworks
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill Mathew Chacko
 
Physical Security
Physical SecurityPhysical Security
Physical Securitykavitha muneeshwaran
 
Data Security - English
Data Security - EnglishData Security - English
Data Security - EnglishData Security
 
PDPA Compliance Preparation
PDPA Compliance PreparationPDPA Compliance Preparation
PDPA Compliance PreparationLawPlus Ltd.
 
Overview on data privacy
Overview on data privacy Overview on data privacy
Overview on data privacy Amiit Keshav Naik
 
Data Protection (Download for slideshow)
Data Protection (Download for slideshow)Data Protection (Download for slideshow)
Data Protection (Download for slideshow)Andrew Sharpe
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
Privacy & Data Protection
Privacy & Data ProtectionPrivacy & Data Protection
Privacy & Data Protectionsp_krishna
 
Data protection act
Data protection act Data protection act
Data protection act Iqbal Bocus
 
Introduction to Data Protection and Information Security
Introduction to Data Protection and Information SecurityIntroduction to Data Protection and Information Security
Introduction to Data Protection and Information SecurityJisc Scotland
 

Contenu connexe

Tendances

GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
 
Data Protection and Privacy
Data Protection and PrivacyData Protection and Privacy
Data Protection and PrivacyVertex Holdings
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data SecurityWilmerHale
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy IntroductionG Prachi
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationVicky Dallas
 
Data & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny LeroyData & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny LeroyThoughtworks
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill Mathew Chacko
 
Data Security - English
Data Security - EnglishData Security - English
Data Security - EnglishData Security
 
PDPA Compliance Preparation
PDPA Compliance PreparationPDPA Compliance Preparation
PDPA Compliance PreparationLawPlus Ltd.
 
Data Protection (Download for slideshow)
Data Protection (Download for slideshow)Data Protection (Download for slideshow)
Data Protection (Download for slideshow)Andrew Sharpe
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
Privacy & Data Protection
Privacy & Data ProtectionPrivacy & Data Protection
Privacy & Data Protectionsp_krishna
 

Tendances (20)

GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slides
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hr
 
Data Protection Presentation
Data Protection PresentationData Protection Presentation
Data Protection Presentation
 
Data Protection and Privacy
Data Protection and PrivacyData Protection and Privacy
Data Protection and Privacy
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data Security
 
Data protection
Data protectionData protection
Data protection
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy Introduction
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection Regulation
 
GDPR Demystified
GDPR DemystifiedGDPR Demystified
GDPR Demystified
 
Data protection
Data protectionData protection
Data protection
 
Data & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny LeroyData & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny Leroy
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill
 
Physical Security
Physical SecurityPhysical Security
Physical Security
 
Data Security - English
Data Security - EnglishData Security - English
Data Security - English
 
PDPA Compliance Preparation
PDPA Compliance PreparationPDPA Compliance Preparation
PDPA Compliance Preparation
 
Overview on data privacy
Overview on data privacy Overview on data privacy
Overview on data privacy
 
Data Protection (Download for slideshow)
Data Protection (Download for slideshow)Data Protection (Download for slideshow)
Data Protection (Download for slideshow)
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPR
 
Privacy & Data Protection
Privacy & Data ProtectionPrivacy & Data Protection
Privacy & Data Protection
 

En vedette

Data protection act
Data protection act Data protection act
Data protection act Iqbal Bocus
 
Introduction to Data Protection and Information Security
Introduction to Data Protection and Information SecurityIntroduction to Data Protection and Information Security
Introduction to Data Protection and Information SecurityJisc Scotland
 
Data Privacy and Protection Presentation
Data Privacy and Protection PresentationData Privacy and Protection Presentation
Data Privacy and Protection Presentationmlw32785
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 
EU Medical Device Clinical Research under the General Data Protection Regulation
EU Medical Device Clinical Research under the General Data Protection RegulationEU Medical Device Clinical Research under the General Data Protection Regulation
EU Medical Device Clinical Research under the General Data Protection RegulationErik Vollebregt
 
What is Internet Monitoring?
What is Internet Monitoring?What is Internet Monitoring?
What is Internet Monitoring?Spiral16
 
Using the Freedom of Information Act
Using the Freedom of Information ActUsing the Freedom of Information Act
Using the Freedom of Information ActDavid Ottewell
 
The principles of the Data Protection Act in detail - uk
The principles of the Data Protection Act in detail - ukThe principles of the Data Protection Act in detail - uk
The principles of the Data Protection Act in detail - uk- Mark - Fullbright
 
Internet Censorship at Linux Day 2013, Antonio Pescapè
Internet Censorship at Linux Day 2013, Antonio PescapèInternet Censorship at Linux Day 2013, Antonio Pescapè
Internet Censorship at Linux Day 2013, Antonio Pescapèpescape
 
What All Organisations Need to Know About Data Protection and Cloud Computing...
What All Organisations Need to Know About Data Protection and Cloud Computing...What All Organisations Need to Know About Data Protection and Cloud Computing...
What All Organisations Need to Know About Data Protection and Cloud Computing...Brian Miller, Solicitor
 
5 Graphics Units
5 Graphics Units5 Graphics Units
5 Graphics Unitslees_ush
 
Securing your azure web app with asp.net core data protection
Securing your azure web app with asp.net core data protectionSecuring your azure web app with asp.net core data protection
Securing your azure web app with asp.net core data protectionMike Melusky
 
Regulations and Legislation for E-Commerce in the UK
Regulations and Legislation for E-Commerce in the UKRegulations and Legislation for E-Commerce in the UK
Regulations and Legislation for E-Commerce in the UKPatrick John McGee
 
Computer Legislation2 T2
Computer Legislation2 T2Computer Legislation2 T2
Computer Legislation2 T2lees_ush
 
Law-Exchange.co.uk Shared Resource
Law-Exchange.co.uk Shared ResourceLaw-Exchange.co.uk Shared Resource
Law-Exchange.co.uk Shared Resourcelawexchange.co.uk
 
Law for bloggers and journalists (UK)
Law for bloggers and journalists (UK)Law for bloggers and journalists (UK)
Law for bloggers and journalists (UK)Paul Bradshaw
 
ISACA Journal Data Protection Act (UK) and GAPP Alignment
ISACA Journal Data Protection Act (UK) and GAPP AlignmentISACA Journal Data Protection Act (UK) and GAPP Alignment
ISACA Journal Data Protection Act (UK) and GAPP AlignmentMohammed J. Khan
 
Law-Exchange.co.uk Shared Resource
Law-Exchange.co.uk Shared ResourceLaw-Exchange.co.uk Shared Resource
Law-Exchange.co.uk Shared Resourcelawexchange.co.uk
 
Data Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesData Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesAmazon Web Services
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Lumension
 

En vedette (20)

Data protection act
Data protection act Data protection act
Data protection act
 
Introduction to Data Protection and Information Security
Introduction to Data Protection and Information SecurityIntroduction to Data Protection and Information Security
Introduction to Data Protection and Information Security
 
Data Privacy and Protection Presentation
Data Privacy and Protection PresentationData Privacy and Protection Presentation
Data Privacy and Protection Presentation
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)
 
EU Medical Device Clinical Research under the General Data Protection Regulation
EU Medical Device Clinical Research under the General Data Protection RegulationEU Medical Device Clinical Research under the General Data Protection Regulation
EU Medical Device Clinical Research under the General Data Protection Regulation
 
What is Internet Monitoring?
What is Internet Monitoring?What is Internet Monitoring?
What is Internet Monitoring?
 
Using the Freedom of Information Act
Using the Freedom of Information ActUsing the Freedom of Information Act
Using the Freedom of Information Act
 
The principles of the Data Protection Act in detail - uk
The principles of the Data Protection Act in detail - ukThe principles of the Data Protection Act in detail - uk
The principles of the Data Protection Act in detail - uk
 
Internet Censorship at Linux Day 2013, Antonio Pescapè
Internet Censorship at Linux Day 2013, Antonio PescapèInternet Censorship at Linux Day 2013, Antonio Pescapè
Internet Censorship at Linux Day 2013, Antonio Pescapè
 
What All Organisations Need to Know About Data Protection and Cloud Computing...
What All Organisations Need to Know About Data Protection and Cloud Computing...What All Organisations Need to Know About Data Protection and Cloud Computing...
What All Organisations Need to Know About Data Protection and Cloud Computing...
 
5 Graphics Units
5 Graphics Units5 Graphics Units
5 Graphics Units
 
Securing your azure web app with asp.net core data protection
Securing your azure web app with asp.net core data protectionSecuring your azure web app with asp.net core data protection
Securing your azure web app with asp.net core data protection
 
Regulations and Legislation for E-Commerce in the UK
Regulations and Legislation for E-Commerce in the UKRegulations and Legislation for E-Commerce in the UK
Regulations and Legislation for E-Commerce in the UK
 
Computer Legislation2 T2
Computer Legislation2 T2Computer Legislation2 T2
Computer Legislation2 T2
 
Law-Exchange.co.uk Shared Resource
Law-Exchange.co.uk Shared ResourceLaw-Exchange.co.uk Shared Resource
Law-Exchange.co.uk Shared Resource
 
Law for bloggers and journalists (UK)
Law for bloggers and journalists (UK)Law for bloggers and journalists (UK)
Law for bloggers and journalists (UK)
 
ISACA Journal Data Protection Act (UK) and GAPP Alignment
ISACA Journal Data Protection Act (UK) and GAPP AlignmentISACA Journal Data Protection Act (UK) and GAPP Alignment
ISACA Journal Data Protection Act (UK) and GAPP Alignment
 
Law-Exchange.co.uk Shared Resource
Law-Exchange.co.uk Shared ResourceLaw-Exchange.co.uk Shared Resource
Law-Exchange.co.uk Shared Resource
 
Data Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesData Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud Services
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?
 

Similaire à The Data Protection Act

Protection of Personal Information Bill (POPI)
Protection of Personal Information Bill (POPI)Protection of Personal Information Bill (POPI)
Protection of Personal Information Bill (POPI)Robert MacLean
 
Safety And Security Of Data 4
Safety And Security Of Data 4Safety And Security Of Data 4
Safety And Security Of Data 4Wynthorpe
 
3e - Data Protection
3e - Data Protection3e - Data Protection
3e - Data ProtectionMISY
 
Data protection act new 13 12-11
Data protection act new 13 12-11Data protection act new 13 12-11
Data protection act new 13 12-11mrmwood
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfDaviesParker
 
Legislation
LegislationLegislation
Legislationmegabyte
 
Ch 17 data protections act
Ch 17 data protections actCh 17 data protections act
Ch 17 data protections actKhan Yousafzai
 
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...Dr. Oliver Massmann
 
What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!catherinecoulter
 
What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!catherinecoulter
 
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104 Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104 Upekha Vandebona
 
GDPR: Are you EU Compliant?
GDPR: Are you EU Compliant? GDPR: Are you EU Compliant?
GDPR: Are you EU Compliant? GreenRope
 
Asia Counsel Insights May 2023
Asia Counsel Insights May 2023Asia Counsel Insights May 2023
Asia Counsel Insights May 2023Minh Duong
 
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...Dr. Oliver Massmann
 

Similaire à The Data Protection Act (20)

Protection of Personal Information Bill (POPI)
Protection of Personal Information Bill (POPI)Protection of Personal Information Bill (POPI)
Protection of Personal Information Bill (POPI)
 
GDPR Whitepaper
GDPR WhitepaperGDPR Whitepaper
GDPR Whitepaper
 
Safety And Security Of Data 4
Safety And Security Of Data 4Safety And Security Of Data 4
Safety And Security Of Data 4
 
Personal Data Protection in Malaysia
Personal Data Protection in MalaysiaPersonal Data Protection in Malaysia
Personal Data Protection in Malaysia
 
3e - Data Protection
3e - Data Protection3e - Data Protection
3e - Data Protection
 
Data protection act new 13 12-11
Data protection act new 13 12-11Data protection act new 13 12-11
Data protection act new 13 12-11
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdf
 
Legislation
LegislationLegislation
Legislation
 
Ch 17 data protections act
Ch 17 data protections actCh 17 data protections act
Ch 17 data protections act
 
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
 
GDPR Presentation
GDPR PresentationGDPR Presentation
GDPR Presentation
 
What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!
 
What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!What You Need To Know About Privacy Now!
What You Need To Know About Privacy Now!
 
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104 Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
 
Privacy - USC 2005
Privacy - USC 2005Privacy - USC 2005
Privacy - USC 2005
 
GDPR: Are you EU Compliant?
GDPR: Are you EU Compliant? GDPR: Are you EU Compliant?
GDPR: Are you EU Compliant?
 
Gdpr in a nutshell
Gdpr in a nutshellGdpr in a nutshell
Gdpr in a nutshell
 
Asia Counsel Insights May 2023
Asia Counsel Insights May 2023Asia Counsel Insights May 2023
Asia Counsel Insights May 2023
 
POPI Seminar FINAL
POPI Seminar FINALPOPI Seminar FINAL
POPI Seminar FINAL
 
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
 

Dernier

Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 

Dernier (20)

Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 

The Data Protection Act

  • 2.
  • 3. lay down rules about “how data about people can be used?”The Data Protection Act (1998) states that organizations which store personal information must register and state the purpose for which they need the information.
  • 4. The data protection act covers: Information or data stored on a computer or an organized paper filing system about living people in different departments such as: Tax Office Doctor / Dentist National Insurance DVLC(Driver and Vehicle Licensing Centre) Police etc
  • 5. How the Act works (basics): by setting up rules that people have to follow having an Information Commissioner to enforce the rules It does not stop companies storing information about people. It just makes them follow rules.
  • 6. Who's involved? The Information Commissioner , the person (and her office) who has powers to enforce the Act. A data controller , a person or company that collects and keeps data about people. A data subjectis someone who has data about them stored somewhere, outside their direct control.
  • 7. Registration with the Information Commissioner Any organization or person who needs to store personal information must apply to register with the Information Commissioner. A register of data controllers is kept detailing the data that will be stored so they have to say in advance what information will be stored and how they will use it. Each register entry contains the following information: The data controller's name and address. A description of the information to be stored. What they are going to use the information for. Whether the data controller plans to pass on the information to other people or organizations. Whether the data controller will transfer the information outside the UK. Details of how the data controller will keep the information safe and secure.
  • 8. Personal data and information Some data and information stored on computer disks is personal and needs to be kept confidential. Such as pay, bank details, and medical records. If someone who is not entitled to see these details can obtain access without permission it is unauthorized access. The Data Protection Act sets up rules to prevent this kind of unauthorized access to personal data and information.
  • 9. Types of Personal Data The Act sets up two types of personal data: Personal data is about living people and could be: their name address medical details or banking details 'Sensitive' personal data is also about living people, but it includes one or more details of a data subject's: racial or ethnic origin political opinions religion membership of a trade union health sexual life criminal activity There are more safeguards about sensitive data than ordinary personal data. Usually, a person must be asked specifically if sensitive data can be kept.
  • 10. Responsibilities of data controllers All data controllers must keep to the Eight Principles of Data Protection. a data controller is the nominated person in a company who applies to the data commissioner for permission to store and use personal data.
  • 11. The Eight Principles For the personal data that controllers store and process: Data must be kept secure; Data stored must be relevant; Data stored must be kept no longer than necessary; Data stored must be kept accurate and up-to-date; Data must be obtained and processed lawfully; Data must be processed within the data subject rights; Data must be obtained and specified for lawful purposes; Data must not be transferred to countries without adequate data protection laws.
  • 12. The rights of data subjects People whose personal data is stored are called data subjects. The Act sets up rights for people who have data kept about them.
  • 13. Peoples' rights A Right of Subject Access A data subject has a right to be supplied by a data controller with the personal data held about him or her. The data controller can charge for this: usually a few pounds. A Right of Correction A data subject may force a data controller to correct any mistakes in the data held about them. A Right to Prevent Distress A data subject may prevent the use of information if it would be likely to cause them distress. A Right to Prevent Direct Marketing A data subject may stop their data being used in attempts to sell them things (eg by junk mail or cold telephone calls.) A Right to Prevent Automatic Decisions A data subject may specify that they do not want a data user to make "automated" decisions about them where, through points scoring, a computer decides on, for example, a loan application. A Right of Complaint to the Information Commissioner A data subject can ask for the use of their personal data to be reviewed by the Information Commissioner who can enforce a ruling using the Act. The Commissioner may inspect a controller's computers to help in the investigation. A Right to Compensation The data subject is entitled to use the law to get compensation for damage caused ("damages") if personal data about them is inaccurate, lost, or disclosed.
  • 14. What data is exempt from the Act? There are some complete exemptions and some partial exemptions where personal data is not covered by the 1998 Act.
  • 15. Complete exemptions Any personal data that is held for a national security reason is not covered. Personal data held for domestic purposes only at home, eg a list of your friends' names, birthdays and addresses does not have to keep to the rules.
  • 16. Partial exemptions Some personal data has partial exemption from the rules of the Act. The main examples of this are: The taxman or police do not have to disclose information held or processed to prevent crime or taxation fraud. Criminals cannot see their police files. Tax or VAT investigators do not have to show people their files. A data subject has no right to see information stored about him if it is to do with his/her health. This allows doctors to keep information from patients if they think it is in their best interests. A school pupil has no right of access to personal files, or to exam results before publication. A data controller can keep data for any length of time if it is being used for statistical, historical or research purposes. Some research by journalists and academics is exempt if it is in the public interest or does not identify individuals. Employment references written by a previous employer are exempt. Planning information about staff in a company is exempt, as it may damage the business to disclose it.