Responsibilities for Businesses
Rights for Individuals
The Data Protection Acts 1984 and 1998.
Their purpose is to
Provide Individuals the right of access to their personal data held by any organisation
Provide rules for organisations managing personal data on computer (and paper systems).
The Data Subject is any identifiable living individual about whom personal data is stored. (INDIVIDUAL)
The Data Controller will be the person or organisation that owns the data. (BUSINESS)
The Information Commissioner is a Government officer, who administers the act and promotes good practice.
What Does Personal Data Mean?
Public Information, or Domestic Data
The Rules (Principles of the Act)
Data must be:
Fairly and lawfully processed
Processed for limited purposes
Adequate, relevant and not excessive
Not kept for longer than is necessary
Processed in line with your rights
Not transferred to countries without adequate protection
Right of access. (Controllers notify the commissioner of their processing).
Right to prevent processing (e.g automated decisions)
Right to prevent direct marketing (write to the business)
Individuals’ Rights continued
Right to prevent automated decisions (write to the company)
Right to request assessment of the way a company operates
Right to have data corrected
Right to compensation
Crime detection/prevention and collecting taxes
Domestically held data
Journalists when its in the public interest