Data Protection Act
Why We Need The Act
- There is an enormous amount of sensitive personal data held on computers, such as bank or medical information.
- The Data Protection Act was passed to protect this data and people's right to privacy. There is so much private information
about people held on computer systems that it is possible for mistakes to be
made and for data to get lost.
- There are also lots of hackers (people who try to
get unauthorised access to data) who are constantly trying to access, copy,
change or delete private information.
What Companies have to do!
When businesses or organisations keep information about people on computer
systems they need to make sure that:
- data is backed up: A system of making regular backup copies is necessary. This makes sure
that if data is lost it can then be recovered from the backup copy.
- data is protected: Anyone who holds data on people must try to protect it from hackers.
A common way of doing this is to use IDs and passwords. This is a good
system and does restrict access to people who are authorised to see,
search through and update data. Unfortunately, it does not stop all
hackers.
- data is checked for accuracy: When data is being entered into a system or being updated, people can
make mistakes, with the result that the data is inaccurate. Unfortunately,
despite the fact that businesses and organisations carry out checks,
mistakes still happen and inaccurate data does get stored on computer
systems.
Our Rights!
- The Data Protection Act gives everyone the right to see data that is held
about them on a computer system and
- to have it changed if it is wrong!
Exceptions to the Law
There is some data you can't see.
If the data is held by
- the police,
- the security forces or
- the Inland Revenue
then access is denied.
Important Terms & Definitions
1. Data Subject :
Data subjects are the people who have data held about them. Nowadays this includes you, me, everyone.
Data Subjects have the right to:
- know if data is held about them on a computer and to have a copy of the data
- know why the data is being processed and who is going to receive the data
- inspect that data and to have it changed if they think it is inaccurate
- ask for compensation if data is inaccurate or if an unauthorised person
has been given access to it
- prevent processing of data likely to cause damage or distress
- be sure that decisions made about them are not made only on the basis
of automatic computer processing.
A data subject can also apply to the courts to block the processing of data or
to correct, erase or destroy it.
2. Data Controller :
A Data controller is the person, business or organisation controlling the
collection, contents and use of personal data.
Under the law the data controller must:
- Register with the Data Protection Commissioner
- Apply for permission to keep personal data on computers
- State what data they want to keep, what it will be used for and who has
access to it.
The data controller must keep to the following data protection principles. All
personal data should:
- be processed only if the consent of the individual is given, if it is part of
a legal contract, if it is essential to a business transaction or the carrying
out of public duties.
- be held for the specified purposes described in the Register entry
- be accurate and where necessary be kept up to date
- be relevant and not excessive in relation to the purpose for which they
are held
- be adequate for the purpose specified
- be processed in accordance with the rights of the data subject
- be surrounded by proper security
- only be transferred to countries outside the EU that have in place
adequate security measures as defined in the act.
3. Data User :
This is an authorised user within the organisation or business who is given an ID and password that enables them to access data.
A data user in a bank
would be one of the bank’s employees.
What you have to do!
Either in a new Word document or in your brain, under a
main heading "Data Protection Act", complete the following tasks.
- What right do people have under the Data Protection Act?
- Does this apply to all data held on them on every computer system?
- How do businesses and organisations control who accesses personal data?
- What is hacking?
What you should now be able to do!
- Explain the reasons why we need the Data Protection Act.
- Understand the difference between 'Data Controllers', 'Data Subjects' and 'Data Users'.
- Explain the precautions and what 'Data Controllers' have to do in order to comply with the law.
- Know your rights as a 'Data Subject'.