Data Protection Act Explained

There has been some confusion concerning the Data Protection Act, so I have decided that I will do my best to explain it to you the way it was explained to me. It’s not as confusing as it sounds once you have it explained to you in a much simpler way.

The Data Protection Act came into force on March 1st of 2000, and it is designed to protect the way that your personal data is used by organizations. This data contains information that is collected from employees, customers, business contacts and even suppliers. The information that is collected varies from personal data to sensitive data. The best way that the Data Protection Act can be explained is that it strengthens the rights of the individual. The revision of this 1998 act has set new rules for the transfer of data outside the European Union. So it’s much better today for you.

Personal data is your name, address, phone number and payroll information. Sensitive data is your social security number, sexual orientation, medical conditions, and other information that you do not want in just anybody’s hands. But don’t worry too much: there are many rules and regulations in place that protect your sensitive data. There are strict security measures that must be in place to protect it, and there are other laws that are coming into place to make it even stricter.

There are eight data protection principles, and they are as follows:

Personal data must be processed fairly and lawfully.

Personal data must be obtained only for specified and lawful purposes and must not be processed further in any manner incompatible with those purposes.

Personal data must be adequate, relevant and not excessive in relation to the purposes for which they were collected.

Personal data must be accurate and, where necessary, kept up to date.

Personal data must not be kept longer than is necessary for the purposes for which they were collected.

Personal data must be processed in accordance with the rights of data subjects.

Personal data must be kept secure against unauthorized or unlawful processing and against accidental loss, destruction or damage.

Personal data must not be transferred to countries outside the European Economic Area unless the country of destination provides an adequate level of data protection for those data.

This is a mandatory act that every single company must comply with, and if they don’t, they will be prosecuted and they will lose their business because of it.