R.H.Shumon South Birmingham College S45208512
As a company, collecting data about customer, supplier etc will be a necessity and essentialto produce a database system and analysing those data would produce information whichwill help to improve the structure of the company. Hence the company should know themain principle about Data Act Protection. The Main principle of the Data Act to protectpersonal data which must be according to the law processed fairly and lawfully. If personaldata is collected then a company/individual person who collected the data, should notifythe Information Commissioner to what extend this data will be used and how the data willbe kept secure. This personal data could be collected and processed for limited purposesand this data should be used by the company only the way it mentioned to the InformationCommissioner. This data must be satisfactory, relevant and only give the information itintended for. The data which is collected must be accurate and it is the responsibility of thecompany to try to make sure that the data is correct but if the person, who is asked to givethe information, give false information then the company will not be held responsible for it.The Personal Data collected cant be kept longer than necessary.The person, who has given the information, has the rights to read the information. Thecompany, who is holding this information, is to present that information in a way that itcould be understood by the person whose information being held to that company. Theperson whose data has been collected has the rights to ask for deleting/removing theirinformation from the system. The data which has been collected must be secured andaccessed only by the person/s who has authority to do so, other than that any access will beunauthorized and can be prosecuted according to the law. As many countries, outside theEuropean Union, do not have Data Protection Act this information and data should not betransferred outside the European Union without satisfied security for that data.Earlier Data Protection Act was only related to the information or data stored into acomputer system. This didnt include the data collected and stored in paper file which canbe stored by a company without taking the subjects permission. It was impossible to saywho is holding your data. But Jarvis, Alan Lawson, Jenny Kaye, Allen (p108, 2006) says thatthe Data Protection Act 1998 covers all the means of collecting data and storing it computeror filing cabinet or listing it on a paper. Still the insecurity of the data stored remained, aphysical attack to data bank or where it stored can be prosecuted if the person is caught. Astechnology develops the means of stealing information has also increased. A company musttake all the precaution for security and look after the rights of the subject/s whose data hasbeen collected. Also a company need to maintain a backup and update time to time thedata they collected from the subject.Limitations of these laws are if the culprit is not caught then nobody would be able topunish them according to the law. It is also very hard to track any person who is committingcyber crime.