Why Was The Data Protection Act Introduced

In 1984 the Data Protection Act was first introduced. It was intended to integrate already existing protection laws. It gave protection to individuals and their personal data to keep it from being misused. The Act also set down many rules of how organizations can use that information. In 1998 it was revised and edited, making some important changes that went into effect on March 1, 2000.

The Data Protection Act gives the individual rights. It states that organizations that record personal data must be forthcoming about the use of the information. The Act also allows you to find out what information is on computers and sometimes manual (paper) records. It governs the "collection, storage and use" of personal data.

There are eight principles that are stated in the act.

1. Fairly and lawfully processed 2. Processed for limited purposes 3. Adequate, relevant and not excessive 4. Accurate 5. Not kept for longer than is necessary 6. Processed in line with your rights 7. Secure 8. Not transferred to countries without adequate protection

Personal data is information regarding any living individual in a system. Personal data includes any identifiable information about them, such as name, address, phone number, etc. Sometimes they may also include some form of images.

There is also a sub section that is called sensitive personal data. This sub section includes information regarding ethnic origin, political or religious beliefs, sexual orientation, and physical or mental health conditions. Through the Data Protection Act this type of information has a bit of a stricter guideline.

There are certain rights that the individual is allowed. They have the right to access their own personal data. They are also allowed to object to certain processing that would cause them damage or distress. The individual has the right to object to direct marketing and also they have the right to object to automated decision taking.

Even though the Data Protection Act gives the individuals the right to have access to their own personal data, the organization may charge a fee. They may require the individual to make a written request and to verify their identity.

During the beginning days of the internet and with the expansion of so many personal computers, it is not hard to see why The Data Protection Act was needed. After being revised almost 15 years later and finally being put into force 2 years after that, it is obvious all the information that has been protected by this act.