Data protection Act 1998
Data protection act was revised in 1998 and was put into force in March of 2000. The new act changes original definitions and meanings and broadens the scope of the original act. There are eight principles again, but these are altered in form from those of the 1984 act.
Only 48% of SME's have documented procedures in place to ensure compliance. DTI security survey 2002.
Purpose of Act
"To protect the rights of individuals in relation to the processing of personal data by either automatic means or within relevant filing systems"
Main stakeholders are:
*Data subject
*Data controller
*Data commissioner
Data commissioner duties - Richard Thomas
*promoting good information handling
*encouragement of codes of practice for data controllers
Non compliance
*data controller can be ordered to pay compensation
*significant reputation risk
…