Overview of the Data Protection Act

Overview of the Data certificate ActTask 2For the purpose of this task. I am going to do the followingI am going to talk of the Data Protection Act.I am going to discuss what the entropy protection is.I am going to discuss the rights to a psyches personal protection.I am going to look at the aims to their rights.I go out identify the rights of people in relation to the data protection, and throw eight samples.I will look at when these rights do not apply.I will discuss how a person can nourish portal to their exposit.I will discuss the role of the Data Commissioner.I will also discuss the role of the Data pass receiver.The role of the Data Controller will also be discussed.I will give two examples of breach of data legislation relating to healthc are.1. What is Legislation?Legislation governs conference in Ireland concerned with communication freedom of training act.It was amended in 2003 and is called the Data Protection Act.What is the Data ProtectionWhen you give perso nal details to an organisation or individual, they have a duty to keep these details private and safe.This process is known as Data Protection. They refer to organisations or individuals who control the contents and use of a persons details as data controllers.Most people give information to the highest degree themselves to groups much(prenominal) as Government bodies, i.e, banks, insurance companies, medical professionals and telephone companies to use their serve up or meet a certain source.Under data Protection Law, you have the rights regarding the use of these personal details and data controllers have certain responsibilities in how that handle this information.Identify the rights of people in relation to Data ProtectionThe right to have your details used in line with Data Protection Regulations.The right to information about your personal details.Thee right to prevent the use of your personal details.The right to change or terminate your personal details.The right to remo ve your details from a direct marketing list.The right to refuse direct marketing calls or mail.The right to object.The right to freedom from automated conclusiveness making.When have you the right to Data Protection?You Have the right to Data Protection when your details areHeld on a computer.Held on paper or separate manual form as part of a filling system.Made up a photograph or video recordings of your image or recordings of your voice.What are the aims of these rights?Data Protection rights will help you make sure that the information stored about you isFactually correct.Only available to those who should have it.Only used for state purposes.When do Rights not Apply?The rights does not apply, however, in a small number of cases, where it could harm certain interests for example, when someone ids investigating an offence.How do I beseech access to my details?You can ask for a copy of all your personal details by writing to both organisation or either You can also ask the Data Controller to inform you of any opinions given about you, unless the Data Controller considers that the opinions are confidential.Even in such cases, your rights to such information will usually be greater than the right of the person who gave this information will usually be greater than the right of the person who gave this opinion in private.8. What is the Role of the Data Commissioner?The role of the Data Commissioner aims to make sure that those rights are being upheld and that Data Controllers respect data protection rules.summary proceedings for an offence under the Data Protection Act may be brought and prosecuted by the data Protection Commissioner.The Role of the Data ControllerA Data Controller is the individual or the legal person who controls and is responsible for the keeping and use of personal information on a computer or in structured manual files.Will keep or process any information about living people.They are responsible for the personal data which it holds. They decide what personal information is going to be kept.They decide the use to which the information will be put.The Role of the Data Receiver.A Data Receiver is a person who provides personal information about themselves to a variety of organisations for a whole range of purposes i.e, when you go to the doctor you give him/her information about yourself, name, address, date of birth, if you have children, and your phone number.Give two examples of Data LegislationSample OneThe office received a ailment from a solicitor acting on behalf of a data subject concerning the alleged further proceedings of the complaints personal data contained in medical records held by her General practician (G.P.).It was alleged that medical records relating to the complaint were released to an restitution Company by her G. P, following a asking made to her G.P.The complaint stated that the G.P, had received a request from an Insurance Company, look foring the plaintiff medical records, relating to a knee joint injury she had suffered.It was alleged that, in replying to this request, the G.P, not only realised data relevant to the knee injury, but also disclosed other sensitive medical information including cervical smear test results, colposcopy, correspondence regarding lesions and records relating to Carpel Tunnel Syndrome, none of which were related to the knee injury.We wrote to the G.P, and we asked that he provide an explanation as to what had occurred in this case. He responded stating that an Insurance Company had requested relevant information with respect to the patient concerned and her knee injury. He informed us that the request received, stated that it required copies of clinical consultations/surgery notes, investigations and associated results, treatments, referrals, out-patients appointments and repeat prescriptions from 18 02 2009 to the present date.He stated that, inadvertently, copies of the patient records were supplied to the Insurance Company with some details which were not relevant to her knee injury and that this was obviously an oversight.He stated that he was deeply sorry that he has caused any distress or upset to his patient, whom he has known for thirty-five-years.The G.P, stated that the company knew he always endeavoured to keep high standards in the practice and that she should understand his letdown that the system used in releasing this information fell below that standard expected by the complainant and himself.He further stated that he hoped that she would accept his unreserved apology for the inadvertent disclosure of her records to the Insurance Company and that he completely understood how upset and appointed she must be.He say that since this unpleasant and unfortunate error he had overhauled his practice procedures.We wrote to tell the solicitor for the complainant outlining the G.Ps response and also conveying the G.Ps apologies.We stated that this offices approach to complaints is to try to seek a n amicable resolution to the matter which is the subject of the complaint and we asked if his client would like to try to reach an amicable resolution of the complaint.They responded stating that their client wished for a formal decision of the commissioner on the matter.In considering this case, the key issues from a Data Protection perspective was the issue of consent. It was noted from the material provided that the complainant had completed and signed an insurance birdcall form which contained the following consent clause I authorise Financial Insurance Company Limited (the underwriters) to make any enquires and get any information they consider relevant from my doctor, employers or elsewhere. I understand that I must provide evidence to Financial Insurance Company Limited to prove my margin call form. On the same claim form, the complainant supplied details of her accident and explained as follows, Why it prevented her from walking? left knee injury, tore ligaments, recovery time unknown, postponement for knee surgery, on waiting list.The Insurance Company concerned had sought the complainants medical records, supplied the relevant consent form and used the following terms in its request to the G.P.Can you please provide us with copies of the claimants medical records relevant to this claim. This includes all records relating to the medical conditions and associated symptoms which are subject of this claim.It was clear from the Insurance Companies request for medical records that it sought medical records relevant to the claim only. As the claim related to the complainants knee injury, the medical records sought related to that injury and the request did not legislate beyond that. Equally the complainants consent authorised the Insurance Company to make injuries and to get any information concerned relevant from her doctor and others. The consent was distinctly limited to relevant information and it could not be interpreted as extending to all medica l records held by the G.P.This office issued a decision on this complaint which stated that the commissioner was of the opinion, following the investigation of this complaint, that section 2 (1) (C) (ii) of the Data Protection Acts, 1988 2003 had been contravened by the G.P, by the further processing of the complainants sensitive Personal Data in the form of medical records unrelated to her knee injury. The contravention occurred when the G.P, in responding to a request from and Insurance Company, disclosed to that Insurance Company certain medical records of the complainant without her consent.