What Is the Data Protection Act of 1998?


Quick Answer

The Data Protection Act of 1998 is a set of laws in the United Kingdom that controls how companies and the government use personal information and gives rights to individuals who have information stored about them, explains Pinset Masons. These laws, which took effect on March 1, 2000, require all data controllers who process personal information register with the Information Commissioner and follow a set of eight data protection principles. Additional laws must be followed when handling certain sensitive data.

Continue Reading
Related Videos

Full Answer

The eight data principles in the Data Protection Act of 1998 require that personal information be accurate, be fairly and lawfully used for specifically stated reasons in a relevant way, be handled in a secure manner and held only for as long as necessary, be processed according to individuals' data protection rights and be transferred outside the European Economic Area only when adequately protected, explains Gov.uk

Sensitive personal data has extra conditions for its use and generally requires explicit consent unless the information is required for compliance with employment law or to exercise legal rights, notes Pinset Masons. Personal data is considered sensitive if it identifies an individual's race or ethnicity, political or religious beliefs, sexual life, physical or mental health, or criminal history.

Learn more about Foreign Laws

Related Questions