Information On The Data Protection Act

To help avoid allowing the world envisioned in George Orwell's 1984 from becoming a reality, the UK's Parliament passed the Data Protection Act in 1998. The Data Protection act calls for the rights of individuals to control data collected about them within certain limitations. Although the Act does not specifically use the word "privacy," in many ways it does protect the privacy of individuals in Britain from the misuse of data collected about them by a business or other organization.

According to the Data Protection Act, individuals have the right to demand that data only be used for the specific purpose for which it was collected. Data may also not be given to third parties unless the individual agrees to allow it to be. Data must not be kept in storage after it is no longer to be needed for the purpose it was collected for. To a certain degree, individuals have the right to demand access to data collected about them. In addition to this, individuals are required to implement data protection measures to ensure that personal information is securely stored and used.

Also, according to the Data Protection Act, entities that process personal information must register with the Information Commissioner. The Information Commissioner's Office, abbreviated ICO, is also responsible for enforcing the Data Protection Act. Finally, data collected about an individual may not leave the European Economic Area without the permission of the individual. The EEA, as it is often abbreviated, is roughly equivalent to the borders of the European Union.

The Act also specifies a number of principles of data protection. First, data shall be processed fairly and lawfully. Second, data is to be obtained only for lawful, specified purposes. Third, data shall be adequate, relevant, and not excessive for the purpose for which it is collected. Fourth, data shall be accurate and kept up to date. Fifth, data must not be kept longer than for the purpose it is required. Sixth, data shall be processed in accordance with the rights of the Act. Seventh, appropriate technical measures must be taken to ensure the security of the data being stored. Finally, eighth, personal data shall not be transferred outside the EEA without the consent of the individual as stated above.

Hopefully you are better informed about data protection and the Data Protection Act now. We are sure that you will follow these guidelines and use the data you collect responsibly. We hope you enjoyed this little article.

Discover