Please enable JavaScript.
Coggle requires JavaScript to display documents.
Data Protection act - Coggle Diagram
Data Protection act
Principals of data protection
only used for the registered purpose it was intended
Kept accurate and up to date
Collected and used fairly and inside the law
Kept safe and secure
Only held for specific reasons
Not kept longer than is necessary
Adequate, relevant and not excessive
No transfer outside the EEA unless the country has data protection
People have the right of handling their data
Right of subject access
Right of correction
Right to prevent distress
Right to prevent direct marketing
Right to prevent automatic decisions
Right of complaint to the information commissioner
Right of compensation
The original 1998 act covers data stored on a computer or paper and introduces a number of roles:
Data controller: Determines what data an organisation collects and how it is collected, processed and stored
Data commissioner: has the power to enforce the data protection act which reports directly to parliament and is appointed by the crown
Data Subject: has data about them stored somewhere outside their direct control
Information covered falls into two categories
Sensitive data
Nationality
Ethnicity
Political Beliefs
Genetics
Biometrics
Personal Data
Address
Bank details
Name
Date of birth
The DPA controls how your personal information is used by companies and the UK government