Data Protection Act 1998

The Data Protection Act 1984 was introduced with a view to protecting the individual from possible misuse of information stored on computer. The 1984 Act has been replaced by the Data Protection Act 1998, which is much wider in its scope, in that it now includes information contained in paper files in its definition of "data".

Broadly, the Act has two main aims. It gives data subjects (i.e. individuals about whom information is held) certain rights, including the right to access and receive a copy of the information held about them. The 1998 Act also requires data controllers (i.e. bodies who hold information about individuals, such as the Council) to follow the eight data protection principles.

The Information Commissioner has wide enforcement powers in relation to the Act and can serve Enforcement Notices on data controllers and fine them. Breaching the Act can also, in certain circumstances, be a criminal offence.

Ian Smail, Information Governance Manager
Corporate Services
21 City Square
Dundee DD1 3BY
Tel:  01382 434206