Data Protection: What You Needto Know
Shauna Dunlop1 July 2015
Data Protection Act1998
Why comply?
Legal requirement
Financial implications
Reputational implications
Data Protection Act 1998
• Principles & Privacy
• Key Definitions
• Principles in Detail
• What the Act says about Security
• Individual Rights
• Latest from Europe
Personal Data
Personal data is not just a person’s name
It is any information that relates to or identifies a person and:
Is held on a computer
Is intended to be held on computer
Forms part of a ‘relevant filing system’
Forms part of an ‘accessible record’ (information relating to health or education)
Category ‘e’ data (Public Authorities only)
Information Rights Affects Us All
Fair and lawful
Adequate, relevant and not excessive
Accurate and up to date
Kept for no longer than necessary
Individuals rights
Security
How does it go wrong?
Transfers outside EEA
!CAUTION:
Prevent a data breach
Privacy and Electronic Communications Regulations
Data Protection Regulation
Update from Europe
Key factors
Plan ahead Compliance Reputation