1 / 8

Data Protection & Information Security: Legal Framework Guide

Understand the Data Protection Act 1998 & Freedom of Information Act 2000, covering legal aspects of data processing, individual rights, and access to official information with insights on the Computer Misuse Act 1990.

bwilbanks
Download Presentation

Data Protection & Information Security: Legal Framework Guide

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IT Security Legal and Ethical Issues

  2. Legal and Ethical Issues • Legal Issues: • Data Protection Act 1998 • Freedom of Information 2000 • Computer Misuse Act 1990

  3. Data Protection Act 1998 • What are the eight principles of the Data Protection Act 1998?

  4. Data Protection Act 1998 • Framework for handling data • Gives individuals right to know what info is held • If you process data you must register with DPA registrar and ensure that personal information is: • Fairly and lawfully processed • Processed for limited purposes • Adequate, relevant and not excessive • Accurate and up-to-date • Not kept for longer than necessary • Processed in-line with your rights • Secure • Not transferred to other countries without adequate protection

  5. Freedom of Information Act 2000 • Access to official information • Individuals or organisations have right to request information from who? • How long do they have to respond? • Can the information be withheld: if so on what grounds?

  6. Freedom of Information Act 2000 • Access to official information • Individuals or organisations have right to request information from: • Any public authority – including local and central government • The police • NHS • Colleges and schools • They have 20 days to provide the information. • May refuse if the information is exempt eg if releasing the information could prejudice national security or damage commercial interests.

  7. Computer Misuse Act 1990 • How many offences are there? • What are they? • What other act(s) cover this area?

  8. Computer Misuse Act 1990 • Three offences: • Unauthorised access to any computer programme or data eg using someone else’s logon ID and password • Unauthorised access with intent to commit a serious crime • Unauthorised modification of computer contents, i.e. impairing the operation of a computer, a program or the reliability of data, includes preventing access to any program or data. E.g. the introduction of a virus, modifying another users files or changing financial or administrative data. • Minor changes to tighten up act introduced through Police and Justice Act 2006, made unauthorised acts with intent to impair the operation of a computer illegal.

More Related