DPA Flashcards
Info commissioner also responsible for?
Freedom of info act 2000
Criminal act to fail to comply with act. Prosecution could lead to…
£5k fine
Unltd is heard by crown court
Principle 1
Processed fairly and lawfully - data controller is required to tell what info will be processed, why and whether it will be disclosed to 3rd parties
2
Only processed for ltd purposes
3
Must be adequate and relevant for the purpose but not excessive
4
Kept accurate and up to date
5
Must not be kept longer than necessary
6
Processed in accordance with individuals rights
7
Kept secure
8
Must not be trfrd outside eea unless the country has comparable dpa rules
Right 1
Subject access
Right 2
Right to prevent processing - unwarrented damage or distress
Right 3
Prevent processing for direct marketing
Right 4
Can object to automatic decision making
Right 5
Right to compensation if damage or distress caused
Right 6
Rectification
Right 7
To ask info commission to assess whether act has been contravened
Sensitive personal data
Racial Religious Political physical Mental health Criminal proceedings
These can only be processed with explicit consent
Notification
Data controller registers with office for info comm that personal data will be held
Its an offence to process data without auth from info comm
Responsibility of enforcing
Information commissioner