The Data Protection Act (DPA) means how your information is managed by different organisations, businesses or even the government. The people who are responsible for using the data have to follow the "data protection principles". They must make sure that the information is:
- Used fairly and lawfully
- Used for limited, specifically stated purposes
- Used in a way that is adequate, relevant and not excessive
- Accurate
- Kept for no longer than in absolutely necessary
- Handle according to people's data protection rights
- Kept safe and secure
- Not transferred outside the UK without adequate protection
There is stronger legal protection for more sensitive information, such as:
- Ethnic background
- Political opinions
- Religious beliefs
- Health
- Sexual health
- Criminal records
No comments:
Post a Comment