i) The Data Protection Act 1998 gives individuals seven specific rights in respect of personal data held about them by others. Briefly outline any four of...

      

i) The Data Protection Act 1998 gives individuals seven specific rights in respect of
personal data held about them by others. Briefly outline any four of these the rights.

ii) What controls must a company have to ensure its compliance with the requirements
of Data Protection Act?

  

Answers


gregory
i) The 1998 Data Protection Act gives individuals seven specific rights in
respect of personal data held about them by others.
These are:
1 Right of subject access: Upon making a written request and paying
areasonable fee (currently £10) individuals are entitled to be told whether the
data controller, or someone on their behalf, holds personal data about them and
if so to be given:
?
A description of the personal data;
?
The purposes for which they are being processed; and ?
Those to whom they may be disclosed.
a) Right to prevent processing likely to cause damage or distress:
Individualscan, by written notice, request that a data controller does not process
data that might cause substantial damage or distress.
b) Right to prevent processing for the purposes of direct marketing:
Anindividual can, by written notice, require a data controller to cease processing
data for the purposes of direct marketing.
c) Rights in relation to automated decision-making: An individual can,
bywritten notice, require a data controller to ensure that no decision is made
about them by purely automated means. Where a decision has been made
affecting an individual by solely automated means, the data controller must
inform the individual of the decision.
d) Right to take action for compensation for damages caused by the data
controller: Where an individual has suffered damage and/or distress because
ofa data controller's contravention of the Act, damages can be claimed.
e) Right to take action to rectify, block, erase or destroy personal data: Adata
subject may apply to a court requesting that any inaccurate data relating to
them, including any expressions of opinion based upon inaccurate data, be
rectified, blocked, erased or destroyed.
Right to request that the Commissioner assesses whether any contravention
of the Act has occurred: Any person may ask the commissioner to assess
whetheror not it is likely that any processing of personal data is being, or has been,
carried out in accordance with the Act.
ii) To ensure compliance with Data Protection Act a company should
appointsomeone responsible to carry out the duties of Data Protection Officer.
These duties must include:
a) Performing a regular check that the company's entry in the Register of Data
Controllers is up to date;
b) Ensuring that any processing carried out is in accordance with the purpose(s)
stated in the register;
c) Ensuring that there are adequate controls in place such that communication
from data subjects is promptly dealt with in accordance with their rights;
d) Maintaining a system of controls ensuring compliance with the eight data
protection principles.
gregorymasila answered the question on December 18, 2017 at 13:59


Next: What is a project?
Previous: Computer hardware and software are usually supplied separately. However, the process of evaluation and acquisition should be related to each other as the functioning of...

View More Computer Science Questions and Answers | Return to Questions Index


Exams With Marking Schemes

Related Questions