Data Protection Act 1998 - PowerPoint PPT Presentation

1 / 28
About This Presentation
Title:

Data Protection Act 1998

Description:

The Data Protection Act (DPA) is designed to protect personal data stored on computers or in an organised paper filing system. – PowerPoint PPT presentation

Number of Views:164
Avg rating:3.0/5.0
Slides: 29
Provided by: acuk
Category:

less

Transcript and Presenter's Notes

Title: Data Protection Act 1998


1
Data Protection Act 1998
2
  • I am not stupid you know!

3
But
  • 1 in 3 people admit they throw away documents
    containing important personal information without
    shredding them
  • Lancashire County Council left social work
    records in a filing cabinet that was sold at
    auction
  • 62,000 Bank of Scotland mortgage customer details
    were put on a CD and put in the post but it never
    turned up ... 

4
People are aware of their rights!
  • A senior academic at Lancaster University has
    received a written warning for making "illicit
    disclosures" after he responded to a mother's
    complaint about her son's tuition.
  • The professor replied immediately, listing the
    student's modules, contact time etc.
  • BUT
  • When the student became aware of the exchange, he
    complained to the university that it had released
    the information without his consent.

5
  • How does the law protect personal data?

6
  • The Data Protection Act (DPA) is designed to
    protect personal data stored on computers or in
    an organised paper filing system.

7
The DPA
  • A number of concerns needed addressing
  • Who could access this information?
  • How accurate is it?
  • Could it be copied?
  • Is it possible to store information without the
    individuals knowledge or permission?
  • Was a record kept of any changes?

8
Exercise 1You are on your own in the office
one lunchtime, the phone ringswhat do you do?
You answer the phone Hello I am a lawyer
with Grabbit and Runne acting in a criminal case.
I need to know the address of one of your members
of staff as they are key witnesses in a trial,
please can you give me their contact details?
Without them the defence will collapse and you
may be prosecuted for obstruction
9
Exercise 1
  • Summary

10
How the DPA works
  • The 1998 Data Protection Act was passed by
    Parliament to control the way information is
    handled and to give legal rights to people who
    have information stored about them.
  • Basically it works by
  • setting up rules that people have to follow
  • having an Information Commissioner to enforce the
    rules
  • It does not stop organisations storing and using
    information about people.
  • It just makes them follow rules.

11
The 3 Main Roles
  • Information Commissioner
  • Data Controller
  • Data subject

12
Types of data
  • There are distinct types of personal data
  • 1. Personal data
  • 2. Sensitive personal data
  • If someone who is not entitled to see these
    details can obtain access without permission it
    is unauthorised access.

13
Exercise 2Its late, you want to go home,
youre the last one in the office, the phone
rings (why you again?)what do you do?
You pick up the phone Hello is that the
University? I am phoning about my nephew, I want
to know how well he is doing, his mother is so
worried about him. I also want to know his
address so I can send his birthday present
14
Exercise 2
  • Summary

15
The Eight Principles
  • For the personal data that Data Controllers store
    and process
  • It must be collected and used fairly and inside
    the law.
  • It must only be held and used for the reasons
    given to the Information Commissioner.
  • It can only be used for those registered purposes
    and only be disclosed to those people mentioned
    in the register entry.
  • The information held must be adequate, relevant
    and not excessive when compared with the purpose
    stated in the register.
  • It must be accurate and be kept up to date.
  • It must not be kept longer than is necessary for
    the registered purpose.
  • The information must be kept safe and secure.
  • The files may not be transferred outside of the
    European Economic Area unless the country that
    the data is being sent to has a suitable data
    protection law.

16
Data Subjects rights
  • A Right of Subject Access
  • A Right of Correction
  • A Right to Prevent Distress
  • A Right to Prevent Direct Marketing
  • A Right to Prevent Automatic Decisions
  • A Right of Complaint to the Information
    Commissioner
  • A Right to Compensation

17
Exemptions
  • Complete exemptions
  • Any personal data that is held for a national
    security reason is not covered.
  • Personal data held for domestic purposes only at
    home, e.g. a list of your friends' names,
    birthdays and addresses does not have to keep to
    the rules.
  • Partial exemptions
  • e.g. HMRC, school pupils, company planning
    documents, health notes, statistics, employer
    references

18
Yes OK Tim, but what does it all mean?
  • You can be prosecuted for unlawful action under
    the legislation if
  • you use or disclose information about other
    people without consent or authorisation
  • you give information to another employee or
    student who does not need the details to carry
    out their legitimate duties, even if it was
    accidental

19
Think!
  • Who can hear your phone call?
  • Who are you really talking to?
  • Do they really need to know?
  • Who can see your pc screen?
  • Where does waste paper end up?
  • What information is on your desk or in-tray?

20
You should remember these points
  • Do not leave people's information out on your
    desk.
  • Lock filing cabinets.
  • Do not leave data displayed on screen, (use a
    screensaver?).
  • Do not leave your computer logged on and
    unattended.
  • Do not choose a password that's easy to guess.
  • Do not give your password to anyone, ever.
  • Never send anything by fax or e-mail that you
    wouldn't put on the back of a postcard.
  • Do not disclose any personal information without
    the data subjects consent or verifying the
    enquirer (e.g. phone the police officer back via
    the station switch board).

21
Exercise 3
  • Please see Case Study Lost Laptop in your notes.

22
Exercise 3
  • Summary

23
Social Networking
24
What social media tools are you using?
  • Are they for work or social purposes?
  • Or is the line a bit

25
Social Networking
  • Social Media posts are subject to Data
    Protection legislation
  • So, think before updating that Facebook status!

26
The Internet Doesnt Forget!
27
Exercise 4
Email data-protection_at_bradford.ac.uk with any
queries you may have.
  • What did you get from this session?
  • Please write down 3 things that you are going to
    do when you get back to the office regarding the
    DPA issues raised here today.

28
Thank You!
  • Please email
  • data-protection_at_bradford.ac.uk
  • with any queries you may have.
  • www.bradford.ac.uk/data-protection
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Data Protection Act 1998" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!