Data Protection Act 1998
By Samantha Smith
What is it?
The need for the Data Protection Act
During the second half of the 20th century, businesses, organisations and the government began using computers to store information about their customers, clients and staff in databases. For example:
- names
- addresses
- contact information
- employment history
- medical conditions
- convictions
- credit history
Databases are easily accessed, searched and edited. It’s also far easier to cross reference information stored in two or more databases than if the records were paper-based. The computers on which databases resided were often networked. This allowed for organisation-wide access to databases and offered an easy way to share information with other organisations.
Misuse and unauthorised access to information
- Who could access this information?
- How accurate was the information?
- Could it be easily copied?
- Was it possible to store information about a person without the individual’s knowledge or permission?
- Was a record kept of any changes made to information?
The purpose of the Data Protection Act
How the Data Protection Act works
The Data Protection Act was developed to give protection and lay down rules about how data about people can be used.
The 1998 Act covers information or data stored on a computer or an organised paper filing system about living people.
The basic way it works is by:
- setting up rules that people have to follow
- having an Information Commissioner to enforce the rules
It does not stop companies storing information about people. It just makes them follow rules.