Data Protection Act - What is the Data protection Act?
Definition: The Data Protection Act of 1998 is the law that governs the processing of personal information.
You must comply with the Data Protection Act (DPA) if your business processes personal information.
The DPA requires that you are open about your use of information as well as follow certain principles for processing that information. The Act also provides individuals with certain rights, including the right of subject access.
The 8 protection principles are that Personal Data must be:
1\. Processed fairly and lawfully 2\. Processed only for one or more specified and lawful purpose 3\. Adequate, relevant and not excessive for those purposes 4\. Accurate and up-to-date data – individuals have the right to have inaccurate personal data corrected or destroyed 5\. Kept for no longer than necessary 6\. Processed in line with the rights of the individuals 7\. Secured against accidental loss, destruction or damage against unauthorised or unlawful processing 8\. Not transferred to countries outside the EU
It is very important to ensure that you take steps to keep your records safe and secure, whether they are manual or computerised and whether you are working from home or office based.