Data Protection Acts 1984 and 1998

Guidance Document - Foreword

The Data Protection Act 1984 received the Royal Assent on 12 July 1984. It was the first piece of legislation in the United Kingdom to deal with the use of computers and its purpose is to protect information about individuals held on computers and to enforce a set of standards for the processing and use of such information. The Data Protection Act 1998 came into force on 1 March 2000 and will (until all the sections of the 1998 Act are in force) supplement the 1984 Act.

This document is issued for the benefit of staff and to provide guidance on the implementation of the Acts and also the personal responsibilities of staff involved in the use of personal data.

As Council employees we will inevitably come across personal data in the course of our employment. The Acts will therefore apply to you - it is in your interests to make yourself aware of the Acts and of the guidance in this document.

Introduction

The Data Protection Acts 1984 and 1998 requires the Council to ensure that personal data is kept secure in particular the eighth Data Protection Principle says that :-

"Appropriate security measures shall be taken against unauthorised access to, or alteration, disclosure or destruction of, personal data and against accidental loss or destruction of personal data"