| |
Confidentiality ...continued
THE DATA PROTECTION ACT
Seeing that some organisations legitimately hold
confidential information (personal data) on their files, eg. hospitals, banks,
credit card companies etc. it has become necessary to safeguard that
information from falling into a third party's hands, so in 1981 the Council of
Europe Convention drew up the Data Protection Act which was endorsed by the
British Government. It contains the following eight articles:-
1. The information to be contained in
personal data shall be obtained, and personal data shall be processed, fairly
and lawfully.
2. Personal data shall be held only for
one or more specified and lawful purposes.
3.
Personal data held for any purpose or purposes shall not be used or disclosed
in any manner incompatible with that purpose or those purposes.
4. Personal data held for any purpose or purposes
shall be adequate, relevant and not excessive in relation to that purpose or
purposes.
5. Personal data shall be accurate, and
where necessary, be kept up-to-date.
6. Personal data
held for any purpose or purposes shall not be kept longer than is necessary for
that purpose or purposes.
7. An individual shall be
entitled:
a) At
reasonable intervals and without undue delay or expense:
i.
to be informed by any data user whether he holds personal data of which that
individual is
subject,
and,
ii. to
access any such data held by a data user, and,
b) Where
appropriate, to have such data corrected or erased.
8. The duty of Data Bureaux: Appropriate security
measures shall be taken against unauthorised access to, or alteration,
disclosure or destruction of, personal data and against accidental loss or
destruction of personal data.
|
