Data Protection Acts of (1984, 1998 & 2000)
What is the data protection acts?
This law ensures that all personal information which is held and handled appropriately. Every single person who has personal information is entitled to know what information is kept about them. People, business and organisations must register with data protection act if they process personal information about people.
So how does it impact the system security and privacy of data?
If the Data Protection Act was not followed, hackers will attempt to hack all the information that they can get, especially when there are personal details (bank accounts, addresses etc.) and sell them to other companies. Therefore following the data protection act is important, especially for an organisation. Also the data has to be accurate, because if some of the personal information is wrong, it can cause a lot of problems.
Here are the principles of the Data Protection Act:
Used fairly and lawfully:
This means that you should be told or know about the personal data which has been collected about you.
Used for limited, specifically stated purposes:
It means that when an organisation collecting your information, they should state what purpose it is for.
Used in a way that is adequate, relevant and not excessive:
When an organisation collects data, they should collect the data that they need and no more
Accurate:
Information should be correct and regular up dates is required.
Kept for no longer than is absolutely necessary:
Information should be kept within an organisation for a reasonable time.
Handled according to people’s data protection rights:
People have the right to see what the information is, however in a certain circumstance, it's different.
Kept safe and secure:
Keeping the data/information safe and secure.
Not transferred outside the UK without adequate protection:
This means that if a company wants to share their information/data to a different company in a different country, that company must have similar laws to the Data Protection Act.
This law ensures that all personal information which is held and handled appropriately. Every single person who has personal information is entitled to know what information is kept about them. People, business and organisations must register with data protection act if they process personal information about people.
So how does it impact the system security and privacy of data?
If the Data Protection Act was not followed, hackers will attempt to hack all the information that they can get, especially when there are personal details (bank accounts, addresses etc.) and sell them to other companies. Therefore following the data protection act is important, especially for an organisation. Also the data has to be accurate, because if some of the personal information is wrong, it can cause a lot of problems.
Here are the principles of the Data Protection Act:
Used fairly and lawfully:
This means that you should be told or know about the personal data which has been collected about you.
Used for limited, specifically stated purposes:
It means that when an organisation collecting your information, they should state what purpose it is for.
Used in a way that is adequate, relevant and not excessive:
When an organisation collects data, they should collect the data that they need and no more
Accurate:
Information should be correct and regular up dates is required.
Kept for no longer than is absolutely necessary:
Information should be kept within an organisation for a reasonable time.
Handled according to people’s data protection rights:
People have the right to see what the information is, however in a certain circumstance, it's different.
Kept safe and secure:
Keeping the data/information safe and secure.
Not transferred outside the UK without adequate protection:
This means that if a company wants to share their information/data to a different company in a different country, that company must have similar laws to the Data Protection Act.