The Data Protection Act regulates how personal data is used and also protects the data subjects from the misuse of their personal data
Before any data is collected about any living individual, the data user must first register with the Information Commission. They will need to give information about:
Before any data is collected about any living individual, the data user must first register with the Information Commission. They will need to give information about:
- what data they want to hold
- how long they intend to keep it for
- what they intend to do with it
- who they might pass it on to
The data user must appoint a named data controller who makes sure that the organisation sticks with these principles. The data controller must be over 18 and has the main responsibility for all data held.
Data subjects have the following rights:
- to see what data is being held about them (there could be a charge for this)
- to have any errors corrected
- to refuse to allow data to be processed for direct mail (also called junk mail)
- to refuse to allow sensitive data (e.g. ethnic orgins, political opinions, religious beliefs, trade union membership) to be processed
- to complain to the data commissioner about any abuse of the act
- to claim compensation if they have been caused damage by the misuse of the act
No comments:
Post a Comment