Freedom Of Information And Data Protection Legislation example essay topic
Political opinion... Religious or spiritual belief... Whether or not a member of a trade union... Physical or mental health or condition... Sexual life... The record of any alleged or actual criminal activity or sentencing...
(HMSO, 1998, PartI). The act comprises the following eight principles: First Principle. As indicated previously personal data must be processed fairly and lawfully and at least one of the processing conditions is met. In relating this to Council in the case of processing sensitive personal data, the data must be processed fairly and lawfully and at least one of the conditions for processing sensitive personal data is met.
Second Principle. Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes. Third Principle. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
Fourth Principle. Personal data shall be accurate and where necessary kept up to date. Fifth Principle. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
Sixth Principle. Personal data shall be processed in accordance with the rights of data subjects under this act. Seventh Principle. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. Eighth Principle.
Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data. (HMSO 1998, cited by DOH, 2000, pp. 1-8). Clearly, the above legislation reinforces the importance of managing information and knowledge within a contemporary organisation such as Council. Such legislation not only seeks to safeguard the rights of service-users who access my organisation but also to offer rules to Council in terms of appropriateness of processing information and knowledge. In effect, such legislation helps Council to manage information and knowledge efficiently and effectively. I would now like to refer to The Freedom of Information Act 2000, which was passed on 30 November 2000.
It gives a general right of public access to all types of 'recorded' information held by public authorities, sets out exemptions from that general right and places a number of obligations on public authorities. The act only applies to public authorities and not to private entities. However, public authorities are broadly defined in the act and they include not only Government Departments and a long list of public bodies, such as the Post Office, National Gallery and the Parole Board, but also schools, colleges and universities. Private entities, such as 'spin-off' companies that are wholly or largely owned by a 'public authority' will also be subject to the act (CPS, 2005, pp. 1-15, The Internet).
Public authorities have two main responsibilities under the act: 1) They must produce a 'publication scheme,' a guide to the information they hold which is publicly available e.g. prospectuses, almanac. Each authority's publication scheme must be approved by the Information Commissioner, a new post that the act creates with the remit of overseeing both Freedom of Information and Data Protection legislation. 2) They must deal with individual requests for information. Individuals already have the right to access their personal data held on computer and in some paper files under the Data Protection Act 1998. This is known as the 'subject access right. ' The Freedom of Information Act permits individuals to access all other types of non-personal information that public authorities hold subject to exemptions in the Act.
(JISC, 2005, pg. 1, The Internet). The act creates a general right of access to information held by public bodies, but also sets out 23 exemptions where that right is either dis applied or qualified. In relating these County, the following exemptions should be noted: a) Information intended for future publication. b) Investigations and proceedings conducted by public authorities. c) Personal information -if institution believes that disclosure would not breach any of the data protection principles, but the individual who is the subject of the information has properly served notice under section 10 Data Protection Act 1998 that disclosure would cause unwarranted substantial damage or distress. d) Commercial interests. e) Information provided in confidence. (HMSO, 2000, Part II, sections 21 - 44)..