Dear goldsmiths-ga;
Thank you for allowing me an opportunity to answer your interesting question.
Simply put, the Data Protection Act 1998 is intended to govern what
can and cannot be done with personal data by those who collect and
handle it and establishes a set of principles to ensure that this is
systematically and consistently carried out.
The Data Protection Act 1998 is an amended version of the original
Data Protection Act 1984. The Data Protection Act 1998 received the
Royal Assent on 16 July 1998 and came into force on 1 March 2000. The
new Data Protection Act is based on the EC Directive 95/46/EC (a
directive of the European Parliament and of the Council):
Directive 95/46/EC: The Data Protection Directive
http://www.dataprivacy.ie/6aii.htm
The UK?s Data Protection Act 1984 was limited in scope with regard to
activities of records managers and archivists because it basically
applied only to computerized information. Since it was fundamentally
ahead of its time and didn?t take into consideration necessary
legislation for future and existing ?paper? archives (sometimes
referred to as ?manual records? or ?manual data?), the 1984 Act was
repealed in favor of a legislative update in order to closely resemble
the undeniably more thorough EU Directive. The result was the Data
Protection Act 1998 and when it took effect the implication was
broadened to include data on structured paper records as well. With
the exception of this point, the 1984 Act was quite effective and
served well and beyond this issue the two Acts are much the same.
The Data Protection Act 1984 made it the legal obligation of those
holding personal data about others to strictly comply with eight ?Data
Protection Principles? and the current Data Protection Act 1998
continues along this same line. These principles are:
Principle #1: Fair and Lawful Processing - The person from whom the
data is obtained must not have been deceived or misled in any way. The
data subject, if the data has been obtained from him, must be told the
name of the data controller and the reason why the data is being
collected. In instances where the data is not obtained from the data
subject, he should be given this information unless doing so it
impractical.
Principle #2: Processing for a Specified and Lawful Purpose ? in other
words, this requires data to be obtained for specified and lawful
purposes only, and not to be further processed in any manner
incompatible with that purpose.
Principle #3: Data not to be Excessive ? meaning that data should not
be collected or retained beyond that which is necessary for the
purpose for which the data is specifically intended.
Principle #4: Accuracy of Data ? that is to say that data must be
current, up-to-date and correct at all times if it is to be retained.
Principle #5: Data not to be kept longer than necessary ? meaning that
research is not to be retained any longer than it serves a significant
and specific current purpose.
Principle #6: Data Subject Rights ? meaning that the rights of data
subjects shall always be observed and taken into consideration.
Principle #7: Security ? Data must be protected against unauthorized
or unlawful processing or loss, destruction or damage
Principle #8: Transfer outside the European Economic Area ? meaning
that data may not be exported outside the European Economic Area
unless to a country or area where the rights of data subjects can be
adequately protected.
As you can see many of the two Acts remain very similar, but there are
some significant differences in that the 1998 Act extends to
protection of data in manual records as well.
Archivists and data managers are still required to register with the
Data Protection Registrar, and to allow people to access to the
records and, if necessary, to correct data that relates to them.
For better insight I might recommend this publication, DATA PROTECTION
ACT 1998: A PRACTICAL GUIDE, by Heather Rowe
AMAZON
http://www.amazon.co.uk/exec/obidos/ASIN/0754501353/026-6177209-5064431
I hope this summarizes the Act well for you without too much legal
jargon but when we are speaking of law much of what must be said must
be said in legal terms. I tried to avoid that as much as possible
offering a layman?s explanation where explanation was necessary.
Below you will find that I have carefully defined my search strategy
for you in the event that you need to search for more information. By
following the same type of searches that I did you may be able to
enhance the research I have provided even further. I hope you find
that that my research exceeds your expectations. If you have any
questions about my research please post a clarification request prior
to rating the answer. Otherwise, I welcome your rating and your final
comments and I look forward to working with you again in the near
future. Thank you for bringing your question to us.
Best regards;
Tutuzdad ? Google Answers Researcher
INFORMATION SOURCES
AMAZON
http://www.amazon.co.uk/exec/obidos/ASIN/0754501353/026-6177209-5064431
DATA PROTECTION ACT
http://www.dataprotection.gov.uk/
DATA PROTECTION ACT 1998
http://www.hmso.gov.uk/acts/acts1998/19980029.htm
PUBLIC RECORD OFFICE: NATIONAL ARCHIVE
DATA PROTECTION ACT 1998
A GUIDE FOR RECORD MANAGERS AND ARCHIVISTS
http://www.pro.gov.uk/recordsmanagement/dp/DataP.html
SEARCH STRATEGY
SEARCH ENGINES USED:
Google ://www.google.com
SEARCH TERMS USED:
DATA PROTECTION ACT 1998
DATA PROTECTION ACT 1984
DIRECTIVE 95/46/EC |
,
0 Comments
)