The Data Protection Act and How It Works

Undoubtedly at one time or another you will have made contact with a company or banking institution who during the course of their telephone conversation with you have mentioned the Data Protection Act 1988. Here we look at the Data Protection Act and examine its uses for both companies and individuals alike.

What is the Data Protection Act?

The Data Protection Act is a piece of legislation that is designed to safeguard not only you the consumer but also those companies who hold information about you for use in their business practices. Originally brought into existence in 1988 the act covers the following:

• Information held on computer systems or other electronic storage devices
• Information held in hard copy form (folders, computer print outs etc)

In 2000 the Freedom of Information Act was modified to encompass elements of the Data Protection Act 1988 regarding the storage of personal information for use in the public sector such as hospitals, schools, doctor’s surgeries etc.

As an Individual How Does the Data Protection Act Benefit Me?

The Data Protection Act 1988 gives the consumer the legal right to establish how a company, companies or public sector organisation is storing and using their information. This is helpful especially if there are instances where perhaps possible identity fraud has been uncovered. As an individual you are legal entitled to know the following:

• How your information is stored
• How your information is used
• Who has access to your personal details?
• You may choose to revoke permission for your information to be shared among third parties
• You may reasonably seek compensation if your personal information has been used for purposes other than it was intended

How Does The Date Protection Act Affect Institutions Holding My Information?

Any company or institution who keeps your personal information on file – beit electronically or in hard copy format – must ensure that they adhere to the rules as laid down by the Data Protection Act. Failure to do so could lead to prosecution, a compensation pay-out and also a hefty fine. As a company or public sector institution the following must be carried out under the Act:

• All information must be used only for the purposes it is intended for
• Any personal information must not be passed to a third party without prior consent
• All personal information must be kept strictly for the recommended period of time only
• Companies or institutions must supply copies of all information kept to the individual involved within a set time scale upon request

As mentioned previously a failure to adhere to these rules can lead to a prosecution which can also put the company at risk of losing their ability to store information on private individuals. This in itself can be very damaging to a company’s ability to trade.

How Do I Find out What Information a Company Holds About Me?

If you suspect that a particular company is using your personal information for purposes other than those under which they hold it you should first contact them and ask as to how they are using it. After this if you are not wholly satisfied by the answers given you can ask them in writing to supply you with copies of all the information they hold on you and also to tell you who they have passed this information onto.

If a company fails to give you a satisfactory answer to your questions and indeed fails to supply you with a copy of the relevant information you should contact the Information Commissioner.