Data Protection Act Eight Principles

LO4 :: Understand the Factors to be Considered when Collecting and Processing Data and Storing Data & Information
Dividing Line

If you need to print this page out, type your name in the box below.

Your Name : 

The Data Protection Act has eight principles about how personal data should be handled by anyone storing the data.

Personal data must be fairly and lawfully processed

This means that personal data must not be collected by misleading the person into providing it and the data collected can only be used lawfully. 

Personal data must be processed for limited purposes

This means that personal data must only be used for the purpose for which it was obtained. 

Personal data must be adequate, relevant and not excessive

This means that personal data that is stored should be just enough for the task to be carried out, only relevant for the task, and not include other data. 

Personal data must be up to date

This means that the person storing the data has a duty to ensure that any data they hold is accurate and free from errors. 

Personal data must not be kept for longer than necessary

This means that data should be destroyed or deleted when it is no longer needed. This should be carried out to ensure that others cannot read or access it. 

Personal data must be processed in line with the individuals rights 

This principle ensures that the persons data is processed so that their rights are respected. 

Personal data must be kept secure 

Any stored data must be secure. The Data Protection Act ensures that businesses that hold data must take precautions against its loss, unauthorised access and damage. 

Personal data must not be transferred to other countries outside the European Economic Area that do not have adequate data protection

Other countries around the world may not have the same level of data protection as the UK, so the act states that personal data must not be sent to countries with lower levels of data protection than those in the UK.

PrintIT Print out this Page

Next  Data Protection Act Key Terms

Last modified: Monday, 29 June 2020, 12:00 PM