Raworths LLP
The Eight Data Protection Principles The Eight Data Protection Principles

Legal Articles

Jul 15

The Eight Data Protection Principles

Anyone processing personal data must comply with the eight enforceable principles of good practice. Here is a checklist.

Data must be:

  • fairly and lawfully processed;
  • processed for limited purposes;
  • adequate, relevant and not excessive;
  • accurate;
  • not kept longer than necessary;
  • processed in accordance with the data subject’s rights;
  • secure; and
  • not transferred to countries without adequate protection.

Personal data covers both facts and opinions about the individual. It also includes information regarding the intentions of the ‘data controller’ towards the individual, although in some limited circumstances exemptions will apply. Where personal data is concerned, the definition of ‘processing’ becomes very wide. For example, it incorporates the concepts of ‘obtaining, holding and disclosing’ data.

The Office of the Information Commissioner has now published a consolidated version of the guidance on data protection issues in employment. This brings together the four existing guides on recruitment and selection, employee records, monitoring at work and medical information and is intended to provide employers with a complete manual on data protection in the workplace.

Source: Commercial

  • « Older Entries
  • Newer Entries »

‹  Return to News / Articles

Other Articles

Mar 18

GDPR Guidance

If you have not yet taken steps to ensure your business complies with the General Data Protection Regulation (GDPR), the time to start is now: less than two months remain...


Mar 18

The GDPR and Your Firm's Pension Scheme

The press is awash with comment about the General Data Protection Regulation (GDPR), which will be fully enforced from 25 May 2018. It would be difficult for any organisation not...