Wednesday 26 September 2012

Articles on O Level Computer Studies



DATA PROTECTION ACT 1998


The Data Protection Act 1998 sets out rules for processing personal information, and it applies to some paper records as well as those held on computer and some automatically processed data, for example, document image processing, audio/video, photographs and CCTV. The Act gives individuals certain rights, and imposes obligations on those who record and use personal information to be open about how information is used and to follow eight data protection principles:
Data Protection Principles
Personal data must be processed following these principles so that data are:

  1. processed fairly and lawfully
  2. obtained for specified and lawful purposes
  3. adequate, relevant and not excessive
  4. accurate and, where necessary, kept up-to-date
  5. not kept for longer than necessary
  6. processed in accordance with the subject's rights
  7. kept secure
  8. not transferred abroad without adequate protection
Rights of Data Subject (individuals) under the Act
The Data Protection Act 1998 came into force on March 1 2000. The Act gives legal rights to individuals in respect of personal data held about them by others.

Under the Act, personal data must be processed following the Data Protection Principles so that data are:

  1. processed fairly and lawfully and only if certain conditions are met
  2. obtained for specified and lawful purposes
  3. adequate, relevant and not excessive
  4. accurate and where necessary kept up-to-date
  5. not be kept for longer than necessary
  6. processed in accordance with the rights of data subjects
  7. kept secure
  8. not be transferred abroad unless to countries with adequate data protection laws

You are entitled to have access to information held about you, except where releasing that information would breach another person's privacy. You also have rights including rights to prevent processing likely to cause unwarrented damage or distress and to prevent processing for the purposes of direct marketing.

To exercise your rights under the Data Protection Act, you should contact the University Data Protection Officer.
Making a Subject Access Request

If you wish to make a subject access request, your request must be:
made in writing (this may be in electronic form)
accompanied by a fee of £10

Before we can act on your request, we must:
be sure of your identity
be supplied with information from you in order to locate the information you seek

You are entitled:
to be informed whether your personal data are being processed by the University of Cambridge
to have the information constituting the personal data communicated to you

You may apply to access your data in writing in any way you choose. A Subject Access Request Form is made available by the University Data Protection Officer for your convenience.

On receipt of your completed request and payment of the fee, the University of Cambridge is obliged to respond in 40 days. This period may be extended if we need further information from you or if we need to clear the release of someone else's information that forms part of your record. The information that we give to you will include an explanation of any codes contained in it.

The data will be in its latest form.

If you have any reason to believe that the University of Cambridge has not dealt correctly with you, please first take the matter up with the University Data Protection Officer.

If you are still not satisfied, you should contact the Information Commissioner who is officially appointed to consider such complaints. His address is: Office of the Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

0 comments:

Post a Comment