DATA PROTECTION
The Data Protection Act contains eight Data Protection Principles. These state that all data must be:
- Processed fairly and lawfully
- Obtained & used only for specified and lawful purposes
- Adequate, relevant and not excessive
- Accurate and where, necessary, kept up to date
- Kept for no longer than necessary
- Processed in accordance with the individual,s rights (as defined)
- Kept secure
- Transferred only to countries that offer adequate data protection
The Data Protection Act requires that appropriate security measures are in place to safeguard against unauthorised or unlawful access/processing of personal data.
Data Protection Act 1998 Chapter 29