Browse Definitions :
Definition

U.K. Data Protection Act 1998 (DPA 1998)

The Data Protection Act 1998 (DPA 1998) is an act of the United Kingdom (UK) Parliament defining the ways in which information about living people may be legally used and handled. The main intent is to protect individuals against misuse or abuse of information about them. The DPA was first composed in 1984 and was updated in 1998.

The text of DPA 1998 contains six major sections called Parts, followed by 16 explanatory notes called Schedules. The Parts outline the basic rights of data subjects, methods in which data may be handled by those who possess it, special exemptions and modes of enforcement. The Schedules explain the Parts in greater detail and elaborate on diverse contingencies and legal interpretations.

The fundamental principles of DPA 1998 specify that personal data must:

  • be processed fairly and lawfully.
  • be obtained only for lawful purposes and not processed in any manner incompatible with those purposes.
  • be adequate, relevant and not excessive.
  • be accurate and current.
  • not be retained for longer than necessary.
  • be processed in accordance with the rights and freedoms of data subjects.
  • be protected against unauthorized or unlawful processing and against accidental loss, destruction or damage.
  • not be transferred to a country or territory outside the European Economic Area unless that country or territory protects the rights and freedoms of the data subjects.

 

Getting started with the Data Protection Act 1998
To explore how DPA 1998 is used in the enterprise, here are some additional resources:
The 'appropriate' way to comply with Data Protection Act 1998: Are you compliant with the U.K. Data Protection Act? Meeting the standards can be a challenge, and even though all companies should be compliant, some aren't. Get information on the regulation's eight principles and learn how to comply.
Complying with the UK Data Protection Act of 1998: Learn about the basic requirements of the U.K. Data Protection Act of 1998 and the minimum every organization should do in terms of data storage and protection to comply.
This was last updated in January 2008

Continue Reading About U.K. Data Protection Act 1998 (DPA 1998)

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

if a company is given incorrect personal data at the outset of a significant financial transaction, can they proceed without checking your personal data. This happened in 2014

Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance framework

    A compliance framework is a structured set of guidelines that details an organization's processes for maintaining accordance with...

SearchSecurity

  • Trojan horse (computing)

    In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, ...

  • identity theft

    Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable ...

  • DNS over HTTPS (DoH)

    DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a ...

SearchHealthIT

  • telemedicine (telehealth)

    Telemedicine is the remote delivery of healthcare services, such as health assessments or consultations, over the ...

  • Project Nightingale

    Project Nightingale is a controversial partnership between Google and Ascension, the second largest health system in the United ...

  • medical practice management (MPM) software

    Medical practice management (MPM) software is a collection of computerized services used by healthcare professionals and ...

SearchDisasterRecovery

SearchStorage

  • M.2 SSD

    An M.2 SSD is a solid-state drive (SSD) that conforms to a computer industry specification and is used in internally mounted ...

  • kilobyte (KB or Kbyte)

    A kilobyte (KB or Kbyte) is a unit of measurement for computer memory or data storage used by mathematics and computer science ...

  • virtual memory

    Virtual memory is a memory management capability of an operating system (OS) that uses hardware and software to allow a computer ...

Close