The Information Commissioner’s Office (ICO) have released a guide to Key definitions of the Data Protection Act. This is a valuable resource that covers a wide variety of topics and issue surrounding Data Protection and how you can protect yourself and those who are involved with your Village Hall.

Each section has a brief description and example followed by a link to a more in-depth discussion, PDF’s and articles on the topic for further reading.

 

What type of information is protected by the Data Protection Act?

The Act regulates the use of “personal data”. To understand what personal data means, we need to first look at how the Act defines the word “data”.

Data means information which –

(a) is being processed by means of equipment operating automatically in response to instructions given for that purpose,

(b) is recorded with the intention that it should be processed by means of such equipment,

(c) is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system,

(d) does not fall within paragraph (a), (b) or (c) but forms part of an accessible record as defined by section 68, or

(e) is recorded information held by a public authority and does not fall within any of paragraphs (a) to (d).

Paragraphs (a) and (b) make it clear that information that is held on computer, or is intended to be held on computer, is data. So data is also information recorded on paper if you intend to put it on computer.

Relevant filing system (referred to in paragraph (c) of the definition) is defined in the Act as:

any set of information relating to individuals to the extent that, although the information is not processed by means of equipment operating automatically in response to instructions given for that purpose, the set is structured, either by reference to individuals or by reference to criteria relating to individuals, in such a way that specific information relating to a particular individual is readily accessible.

This is not an easy definition. Our view is that it is intended to cover non-automated records that are structured in a way which allows ready access to information about individuals. As a broad rule, we consider that a relevant filing system exists where records relating to individuals (such as personnel records) are held in a sufficiently systematic, structured way as to allow ready access to specific information about those individuals. For further guidance see the FAQs about relevant filing systems.

Other information that this article covers:

  • What type of information is protected by the Data Protection Act?
  • What is personal data?
  • What activities are regulated by the Data Protection Act?
  • Who has rights and obligations under the Data Protection Act?
  • Who determines the “purpose and manner” of processing?
  • What about processing that is required by law?
  • How long do data protection rights and duties last?
  • What are the other key definitions in the Data Protection Act?

To read the entire document or to download a PDF version of their guide please visit the Information Commissioners Website  

Leave a Reply