The Data Protection Act 1998 - PowerPoint PPT Presentation

About This Presentation
Title:

The Data Protection Act 1998

Description:

Head of Information Sharing. Information Commissioner's Office ... otter holts becoming known, has been taken out of the licences for data protection purposes. ... – PowerPoint PPT presentation

Number of Views:38
Avg rating:3.0/5.0
Slides: 27
Provided by: spen6
Category:
Tags: act | data | otter | protection

less

Transcript and Presenter's Notes

Title: The Data Protection Act 1998


1
The Data Protection Act 1998
  • Ken Macdonald
  • Assistant Commissioner Scotland
  • Iain Bourne
  • Head of Information Sharing
  • Information Commissioners Office
  • National Data Sharing Forum
  • 4th December 2006

2
Contents
  • The ICO
  • The Data Protection Act 1998
  • Information Sharing

3
The Information Commissioner
Richard Thomas
4
The Information Commissioners Office
  • Regulatory Authority for
  • The Data Protection Act, 1998
  • Privacy Electronic Communications Regulations
    2003
  • The Freedom of Information Act, 2000
  • The Environmental Information Regulations, 2004

5
The Information Commissioners Office
  • NOT the Regulatory Authority for
  • The Freedom of Information (Scotland) Act, 2002
  • The Environmental Information (Scotland)
    Regulations, 2004

6
The Information Commissioners Office
  • Promotion of the legislation
  • Resolution of complaints
  • Maintenance of the register of data controllers
  • Prosecution of offenders (not Scotland)
  • Influencing public policy

7
The Data Protection Act
8
The Data Protection Act
9
The Data Protection Act
10
The Data Protection Act 1998
  • Confers Individual Rights
  • Provides Framework for Record Management the
    Data Protection Principles

11
Data Protection Act 1998
  • Applies to certain manual files as well as
    electronic data
  • Introduced the concept of sensitive personal
    data
  • Restricted transfers of data to countries outside
    the EEA
  • Requires secure processing
  • Established 8 DP principles

12
Individual Rights
  • Access to personal data
  • Prevention of processing causing distress and/or
    damage
  • Prevention of Direct Marketing
  • Prevention of automated decision making
  • Rectification, erasure, destruction
  • Compensation
  • Request for Assessment

13
The Data Protection Principles
  • Data must be
  • 1. processed fairly and lawfully
  • 2. obtained only for specified lawful purposes
  • 3. adequate, relevant and not excessive
  • 4. accurate and kept up-to-date

14
The Data Protection Principles
  • 5. kept for no longer than is necessary
  • 6. processed in accordance with the rights of
    data subjects
  • 7. kept secure against unauthorised
    processing and accidental loss or destruction

15
The Data Protection Principles
  • Data must not be
  • 8. transferred outside the EEA unless the country
    has an adequate level of protection for the
    rights of data subjects in relation to data
    processing.

16
Conditions for Processing - Definitions
  • Personal Data
  • relates to a living person who can be identified
    from those or from those and other information
    and includes opinions and intentions
  • Sensitive Personal Data
  • relates to racial or ethnic origin, political
    opinions, religious beliefs, trade union
    membership, health, sexual life, criminal activity

17
Conditions for Processing Schedule 2
  • 1. The data subject has given his consent  
  • 2. It is necessary for contractual reasons   
  • 3. It is necessary for compliance with any legal
    obligation      

18
Conditions for Processing Schedule 2
  • 4. It is necessary in order to protect the vital
    interests of the data subject.
  • 5. It is necessary for the administration of
    justice or other public functions
  • 6. There are legitimate reasons to process which
    do not infringe on the rights of the data subject

19
Conditions for Processing Schedule 3
  • 1. The data subject has given his explicit
    consent
  • 2. To comply with employment law   
  • 3. To protect vital interests where it cannot be
    reasonably expected to gain consent

20
Conditions for Processing Schedule 3
  • 4. For the legitimate activities of
    not-for-profit political, religious and similar
    organisations
  • 5. The data subject has made the information
    publicly available
  • 6. In connection with legal advice or proceedings

21
Conditions for Processing Schedule 3
  • 7. The administration of justice or public
    functions
  • 8. For medical purposes by a health professional
  • 9. Equal opportunities monitoring

22
Be clear of your intentions
23
Be aware of individual rights
24
Be clear with each other
25

More information
26
Contact
  • The Information Commissioners Office
  • 28 Thistle St
  • EDINBURGH
  • EH2 1EN
  • 0131 225 6341
  • scotland_at_ico.gsi.gov.uk
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "The Data Protection Act 1998" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!