The Data Protection Act 1998 ( DPA) is the main piece of legislation that deals with storing and processing information. The Act provides a set of principles to ensure that personal information is used only for legitimate purposes. The principles state that personal data must be:
- fairly and lawfully processed;
- processed for limited purposes;
- adequate, relevant and not excessive;
- not kept for longer than necessary;
- processed in accordance with the individual's rights;
- kept secure; and
- not transferred abroad without adequate protection
A DPA compliance check ( Annex B) has been carried out as part of this PIA and we are content that this complies with the requirements of the DPA.
Human Rights Act (Article 8). This Article provides that everyone has the right to respect for their private and family life, home and correspondence.