Legislation Flashcards
What does DPA stand for?
Data Protection Act
What is covered by the DPA?
Personal Information such as name, contact details, employment history, date of birth etc
Who enforces the rules of the DPA?
The Information Commissioner
What is the Data Protection Register
A record of what information will be stored and how it will be used
Give 3 examples of sensitive personal data
Religion, cultural/ethnicity information, political opinions
How does sensitive personal data need to be treated differently to general personal data
You normally need to ask permission to store sensitive personal data and it needs to be stored
Data must be collected and used…
fairly and inside the law
Data must be held and used only
for the reasons given to the information commissioner
Sharing: Data cannot be
given away or sold (unless you said you would in the register)
Amount: Data must be
adequate, relevant but not excessive (not too much or too little for the purpose on the register)
Correctness: Data must be
accurate and up to date
Time: Data must not be
kept for too long (only as long as is appropriate)
Security: Data must be kept
safe and secure
What are the 7 rights of people whose data is stored?
A Right of Subject Access A Right of Correction A Right to Prevent Distress A Right to Prevent Direct Marketing A Right to Prevent Automatic Decisions A Right of Complaint to the Information Commissioner. A Right to Compensation
Who is exempt from the DPA?
People holding data for national security reasons, or people holding data for domestic purposes (E.g. personal address book)
