The Data Protection Act 1998 and the Freedom of Information Act 2000 Es

The Data Protection Act 1998 and the Freedom of Information Act 2000 Introduction ============ For my module computing I have to find research and produce detailed report on freedom of information and the need for security. The information commissioner’s office enforces and oversees the Data Protection Act 1998 and the Freedom of Information Act 2000. I need to read and understand knowledge respecting private lives of individuals and encourage the openness and accountability of public authorities. In the report my aims and objectives will be to cover the following aspects: - What is Data Protection Act 1998 and identify and describe 8 principles. - What is the Freedom Information Act 2000 and how does it build on the Data Protection Act - Privacy and Electronic Communication (EC Directive) Regulation 2003 came into force 11th December 2003. The Information Commissioner’s office mission how does he intend the directive to operate to work in UK. The completion of the report needs to be produced and handed in by Friday 30th April 2004. Executive Summary In this report It will cover all aspects of freedom if information and the need of security covering the Data Protection Act 1998 and the eight essential principles. By promoting good information handling practice and enforcing data protection and freedom legislation and by seeking the influences national and international thinking on privacy of information on medical records. Analysis 1.0 What is Data Protection Act (1998), 8 essential principles? Data is facts of any kind, whether in number or verbal form. Although this is the correct explanation business people are inclined to use the terms to mean numerate information only. Data refers to facts and figures in their raw state, which have still to be processed. If you carry out a survey to count the number of cars and vans which pass your house each day, the number you write down are the data. Every computer should be aware of the Data Protection Act. Every individual on a computer should register with Data Protection Registrar. It is a criminal offence not to register and ignorance of the law is no defence. Once registered, data users must comply with the eight principles of the Data Protection Act (see below 1.1, Page 7). The Data Protection Act, organisations which hold such information have to register with Data Protection and have to agre... ...issioners office ‘What the regulation covers’ www.iformationcommissioner.gov.uk/eventual.aspx?id=94 26/04/2004 Page 1-2 [10] David Baumer, Privacy of Medical Records: it Implications of HIPAA,2000,40-47, 19/4/2004 11 Anthony Browne, The observer, ‘Lives ruined as NHS leaks patients notes’ Sunday June 25 2000, 19/4/2004 [12] Nigel Hawkes, Times online ‘Patient records go on database’ July 21 2003, www.timesonline.co.uk/printfriendly/0,,1-2-751992-2,00.html 19/04/2004 [13] ‘Subject Access and Medical records: fees for access’ Data Protection Act 1998, Compliance advice, 19/4/2004 www.informationcommissionersoffice.co.uk [14] Consumers Advice to safeguard your medical records, www.epic.org/privacy/medical/EPIC_principles.txt 19/04/2004 [15] Thomas C.Rindfleisch, ‘Privacy, information Technology, and Health Care’, August 1997/Vol. 40, No.8, www.artn.nwu.edu/ 19/04/2004 [16] Computer Security Group, Personal Medical Information, Security, Engineering and Ethics, 1995 -99, www.cl.cam.ac.uk/Research/Security/book-j/pmi96.html 19/04/2004 [17] Andrew Wall, The nursing Specialist Group ‘Private worries: public concerns’, March 1997 www.bcsnsg.org.uk/inftouch/vol3/wall.html 19/04/2004