Friday, February 21, 2014

Data security and legal issues

·      What is Data Protection Act?
The Data Protection Act controls how personal/customer information is used by organizations or by government bodies. The Data Protection Act has rules which require everyone who collects data to follow strict guidelines and data and privacy policies, whilst also keeping information safe. The Data Protection Act's rules are very thorough and cover rules around sharing of data, and data security.

·      Who is the information commissioner?
He is the man who has the authority to enforce that data protection act on the people of his respected country
·      Who is the data controller?
a person who determines the purposes for which and the manner in which any personal data are, or are to be, processed.
·      Who are the data subject?
Data subjects are the people who the data refers/ relates to them.

·      Who are the data users?
People who use the information

·      What is personal data?
Any information that is related to an individual who can be identified from this data, he can be identified by a number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.

o  Find and list all eight points of the data protection act
1.   The data shall not be processed fairly and lawfully
2.   Personal Data shall be obtained for a lawful purpose and nothing else
3.   Personal data shall be equated, relevant and not excessive in relation to the purpose for which they are processed
4.   Personal data shall be accurate and where necessary kept it up to date
5.   Personal data processed for any purpose shall not be kept for longer than is necessary for that purpose
6.   Personal data shall be processed in accordance with the rights of data subject
7.   Appropriate technical and organizational measures shall be taken against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
8.   Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

References:
 http://www.qas.co.uk/
http://ico.org.uk/


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)