We use cookies to distinguish you from other users and to provide you with a better experience on our websites. Close this message to accept cookies or find out how to manage your cookie settings.
We use cookies to distinguish you from other users and to provide you with a better experience on our websites. Close this message to accept cookies or find out how to manage your cookie settings.
Published online by Cambridge University Press: 01 June 2019
Introduction
Unlike Freedom of Information and the Environment Information Regulations, data protection is not just a straightforward request for information. It includes requests for personal information, but is also meant to govern how personal data is collected, used, managed and disposed of by organizations.
On 25 May 2018, the General Data Protection Regulation (GDPR) came into force within the EU member states. The Regulation applies in the UK, through the Data Protection Act (DPA) 2018, which also incorporates how to manage personal data relating to law enforcement and intelligence services.
In many ways, the GDPR builds on the Data Protection legislation produced under the previous Directive.
Above all, keep in mind: the main point of data protection is to let individuals know what you are doing with their personal information. Transparency is the key.
Data Protection has a lot of different aspects, so has been divided into three chapters. If you are the official Data Protection Officer (DPO) or supporting that role, you will need to be able to respond on all of the following:
• Chapter 4 covers the basics: the principles, including data breaches, definitions, lawful basis for processing, special categories data and the difference between data controllers and data processors.
• Chapter 5 covers how to respond to requests relating to personal data, including subject access, deletion, portability, marketing and automated processing. In other words, it covers requests from individuals about their data.
• Chapter 6 covers internal enquiries about data protection that you are likely to receive from colleagues. It includes guidance on privacy notices, data protection impact assessments and how to handle the sorts of questions you are likely to receive relating to personal data.
First, though, is an explanation of the differences between the former Directive that led to the 1998 DPA and Regulations.
Regulations and Directives
The GDPR is a Regulation, whereas the EU law it replaces was a Directive. What is the difference?
A Directive is intended to be translated by the EU member states into individual legislation within those states. So the EU Directive (95/46/EC) was the precursor to the 1998 DPA in the UK and similar legislation in the other EU member states. This meant that each piece of legislation based on the Directive had its own individual quirks.
To save this book to your Kindle, first ensure no-reply@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about saving to your Kindle.
Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.
Find out more about the Kindle Personal Document Service.
To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Dropbox.
To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Google Drive.
