Data Protection holding personal information // IT Management Solutions

Data Protection holding personal information

1988 Data Protection Act

The previous section introduced the three information standards established by the Data Protection Act. This section looks in detail at the first of those standards - the amount of personal data you may hold.

In brief – what does the Data Protection Act say about the amount of personal data you may hold?

The Act says that:

Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.

This is the third data protection principle. In practice, it means you should ensure that:

  • you hold personal data about an individual that is sufficient for the purpose you are holding it for in relation to that individual; and
  • you do not hold more information than you need for that purpose.

So you should identify the minimum amount of personal data you need to properly fulfil your purpose. You should hold that much information, but no more. This is part of the practice known as “data minimisation”.

What is meant by “adequate, relevant and not excessive”?

The Data Protection Act does not define these words. Clearly, though, they need to be considered:

  • in the context of the purpose for which you are holding the personal data; and
  • separately for each individual you hold information about (or for each group of individuals where the individuals in the group share relevant characteristics).

So, to assess whether you are holding the right amount of personal data, you must first be clear about why you are holding and using it. You should take into account that this may differ from one individual to another.

When is an organisation holding too much personal data?

You should not hold more personal data than you need. Nor should the data you hold include irrelevant details.

Example
A debt collection agency is engaged to find a particular debtor. It collects information on several people with a similar name to the debtor. During the enquiry some of these people are discounted. The agency should delete most of their personal data, keeping only the minimum data needed to form a basic record of a person they have removed from their search. It is appropriate to keep this small amount of information so that these people are not contacted again about debts which do not belong to them.

Where sensitive personal data is concerned, it is particularly important to make sure you collect or retain only the minimum amount of information you need.

If you need to hold particular information about certain individuals only, you should collect it just for those individuals – the information is likely to be excessive and irrelevant in relation to other people.

Example
A recruitment agency places workers in a variety of jobs. It sends applicants a general questionnaire, which includes specific questions about health conditions that are only relevant to particular manual occupations. It would be irrelevant and excessive to obtain such information from an individual who was applying for an office job.

See also:

Read Next

  • khu biệt thự đồi thủy sản hạ long, khu biệt thự đồi thủy sản quảng ninh, khu biệt thự đồi thủy sản phường bãi cháy, đất nền khu biệt thự đồi thủy sản, đất nền khu biệt thự đồi thủy sản hạ long, đất nền khu biệt thự đồi thủy sản quảng ninh khu biệt thự đồi thủy sản khu biet thu doi thuy san ha long, khu biet thu doi thuy san quang ninh, khu biet thu doi thuy san phuong bui choy, dat nen khu biet thu doi thuy san, dat nen khu biet thu doi thuy san ha long, dat nen khu biet thu doi thuy san quang ninh

You might also like

Artists Challenge Giuliani on Censorship

by Lederman

For the full text of this message go to:
Giuliani Issues New Statement on Artists’ Free Speech;
Artists Will Test If He’s Telling The Truth at 11 AM on Wed. 4/25/2001 at NY City Hall
Contact:
Robert Lederman, President of A.R.T.I.S.T.
(Artists’ Response To Illegal State Tactics)
ARTISTpres@aol.com
robert.lederman@worldnet.att.net
(718) 743-3722
'Because we are a City that loves and supports artistic expression so generously, New Yorkers have a unique understanding that the First Amendment protects the right of artists to express their diverse and sometimes controversial views

Packt Publishing - ebooks Account Disaster Recovery using VMware vSphere Replication and vCenter Site Recovery Manager
Book (Packt Publishing - ebooks Account)

VA releases internal audit summary of scheduling practices  — FedScoop
FedScoop reported earlier this week that VA has known for more than a year of serious weaknesses in VistA's identity and access management controls, as well as the scheduling module's overall integration into the enterprise electronic health record system.

Packt Publishing - ebooks Account Learning Veeam® Backup and Replication for VMware vSphere
Book (Packt Publishing - ebooks Account)
Netgear NETGEAR ReadyNAS 316 6TB (6 x 1TB) 6-Bay Network Attached Storage (RN31661D-100NAS)
Personal Computer (Netgear)
  • Dual-core Intel 2.1GHz processor and 2GB on-board memory
  • 6-bays for 24TB maximum capacity (expandable to 44TB with optional EDA500 chassis)
  • Consolidate, backup and share files across Windows, Mac, Linux, iOS and Android devices
  • Modern interface for easy cloud-based discovery and file management
  • Embedded and add-on applications for iTunes, DLNA, and streaming of music and movies to local or internet-connected devices, including smartphones and tablets
  • On-box data protection including XRAID automatic volume expansion, unlimited snapshots, encryption and real-time anti-virus
  • VM-ready with iSCSI support and vSphere/Hyper-V certification
Netgear Netgear ReadyNAS 300 Series 2 TB 2-Bay 2 x 1 TB Enterprise Class HD Network Attached Storage (RN31221E-100NAS)
Personal Computer (Netgear)
  • Dual-core Intel 2.1GHz processor
  • 2-bays for 8TB maximum capacity (expandable to 28TB w/ optional EDA500 chassis)
  • Consolidate, backup and share files across Windows, Mac, Linux, iOS and Android devices
  • Modern interface for easy cloud-based discovery and file management
  • Embedded and add-on applications for iTunes, DLNA, and streaming of music and movies to local or internet-connected devices, including smartphones and tablets
  • On-box data protection including XRAID automatic volume expansion, unlimited snapshots, encryption and real-time anti-virus
  • VM-ready with iSCSI support and vSphere/Hyper-V certification

Related Posts



Copyright © . All Rights Reserved