The Data Protection Act 1998 (DPA) is a United Kingdom Act of Parliament which defines UK law on the processing of data on identifiable living people. It is the main piece of legislation that governs the protection of personal data in the UK. Although the Act does not mention privacy, in practice it provides a way in which individuals can control information about themselves. Most of the Act does not apply to domestic use,[1] for example keeping a personal address book. Anyone holding personal data for other purposes is legally obliged to comply with this Act, subject to some exemptions. The Act defines eight data protection principles.
http://en.wikipedia.org/wiki/Data_Protection_Act_1998
The Key points of the Data Protection Act are:
Data may only be used for the specific purposes for which it was collected.
Data must not be disclosed to other parties without the consent of the individual whom it is about, unless there is legislation or other overriding legitimate reason to share the information (for example, the prevention or detection of crime). It is an offence for Other Parties to obtain this personal data without authorisation.
Individuals have a right of access to the information held about them, subject to certain exceptions (for example, information held for the prevention or detection of crime).
Personal information may be kept for no longer than is necessary and must be kept up to date.
Personal information may not be sent outside the European Economic Area unless the individual whom it is about has consented or adequate protection is in place, for example by the use of a prescribed form of contract to govern the transmission of the data.
Subject to some exceptions for organisations that only do very simple processing, and for domestic use, all entities that process personal information must register with the Information Commissioner's Office.
Entities holding personal information are required to have adequate security measures in place. Those include technical measures (such as firewalls) and organisational measures (such as staff training).
Subjects have the right to have factually incorrect information corrected (note: this does not extend to matters of opinion)
It is there to protect the privacy of people who submit information online so it is not missused or abused. It also means that sites cannot share the information unless you give tem permission to.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment