Legislation

Data protection act

Data protection principles

Used fairly

For specified purposes

Used adequately and relevant

Accurate

not kept for longer than necessary

Handled in a way that ensures securely

Not transferred to unprotected countries

What rights do data subjects have?

Have their data erased on request

Have incorrect data updated

Access their personal data

Be informed about how their data
is being used

Stop or restrict the processing of their data

Exemptions to the rights

Police investigations

National security

Examination results

2018

Computer and paper

GDPR

effects EU citizens

Fines for breach of law

Smaller offences result in £10 million
fines or 2% of turnover

More serious offences result in
£20 million fine or 4% of turnover

Same as DPA except for some differences

Child consent data processing
down to 13 years old

Those processing criminal
data need official authority

Includes the right to be forgotten

Copyright

Right to control ways creator's
data is used

1988

Forbids

Copying software or pictures
to a friend

Selling a copied copy

Using software on a network

Renting software

Computer misuse act

Hacking

White hat

Permission

Grey hat

Without malicious intent

Black hat

Modify data illegally

1990

Stop unauthorised access

Health and safety at work act

1974

Employers responsibilites

Provide and maintain safety equipment

Provide information, training, instruction and supervision

Safe place of employment

Safe working environment

Provide a written safety
policy/risk assessment

Talk to safety representatives

Employees responsibility

Take care of their own
health and safety

Co-operate with
their employers

Powers of inspector

Rights of entry at
reasonable times

Right to investigate and examine

Right to dismantle equipment

Take substances or equipment

Right to see documents and take copies

Freedom of information act

Public access to any recorded information held by public authorities.

Covered under the DPA.