Uk Data Protection Act
The data protection act determines a set of rights and duties designed to protect personal data. The aim of this act is to control how organizations, business or the government use our personal informationfor commercial or any others purposes and give to the individuals rights about the information that is held about them. To ensure this control it has been established strict rules called data protection principles which will be explained with more detail later.
According to the guide to Data Protection wrote by the Information Commissioner’s Office (pag. 22) the data protection act definespersonal data as an information which relates to a natural person or individual who can be identified from those data. There are also personal data concerning to people "identifiable", which can be associated, although not directly with the holders. For instance images from a CCTV recorded by a company does not identify the people recorded but seeing the images someone could recognize who these peopleare and what time you arrive or leave the office.
Data controller is any individual or organization that collect, store and process data about any living person in a computer or in a filling system structure. And has the responsibilities of accomplish the eight fundamental principles as well as being under the supervision and audit of the Commissioner´s (ICO). The commissioner’s role is to ensurethat those who keep personal data complies the principles of the act. In other words, ICO is an independent organism that makes sure that the holders of personal ensure the security of these. According to the Data protection Policy and Application guide, there are other organisms that prevent breaches in the act and ensure the personal data for instance the Data Protection Officer (DPO) which isappointed by the House of Commons and assisted by the departmental data protection representatives that gives support to the DPO.
Eight principles of data protection act:
1. Processing personal data fairly and lawfully.
This means that the collection, use, disclose, retain or disposure of data (information which is of the interest for the employer and these obtain it on their own purpose),should not be done by means of research, monitoring and control of illicit candidates and contrary to the principle of good practice, which means that we should be transparent and also notify or inform the individual how their information will be used for, and not hide the true purpose of the data collection.
2. Processing personal data for specified purposes.
What this second principle meansis that these information that has been proceed, has to be used for the purposes specified to the individuals (people to whom the data is being proceed). This principle has a clear link with the first principle which requires that personal data has to be fairly and lawfully proceed. For instance in the case of an employee which is collecting data for a future candidate, these cannot use thispersonal information with any different purposes from the originally specified purpose.
3. Information standards- amount of personal data you may hold.
The act says in the schedule 1, that personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed. These means that the holder of the information has to be clear in the way or...
Regístrate para leer el documento completo.