Data Protection Act

Only available on StudyMode
  • Download(s) : 572
  • Published : March 5, 2012
Open Document
Text Preview
Describe the legislation and organisational requirements in care setting such as Queensland that ensure good practise in dealing with confidentiality.


Legalisation means when there is a set of a law or the process in which you are doing and the government has approved it. The three main pieces of legalisation that are connected to confidentiality. They are:

• Data protection act 1998
• Access to personal files act 1987
• Access to medical records act 1990

The following have to follow legislation mentioned above:

• Nurseries-private/government based/child minders/nannies • Hospitals-private/government funded
• Schools-private/government funded
• Doctor surgeries
• Care homes

Data protection act 1998

The Data protection act was developed to give protection and lay down rules about how Data about people can be used.

The 1998 Act covers Information or data stored on a computer or an organised paper filing system about living people.

The basic way it works is by:

1. setting up rules that people have to follow
2. having an Information Commissioner to enforce the rules
What data protection act includes, in Queensland:
• Data must not be disclosed to other parties without the consent of the individual whom it is about, unless there is legislation or other overriding legitimate reason to share the information. It is an offence for Other Parties to obtain this personal data without authorisation. • Individuals have a right of access to the information held about them, subject to certain exceptions.

• Personal information may be kept for no longer than is necessary and must be kept up to date. • Personal information may not be sent outside the European Economic Area unless the individual whom it is about has consented or adequate protection is in place, for example by the use of a prescribed form of contract to govern the transmission of the data. • Subject to some exceptions for organisations that only do very simple processing, and for domestic use, all entities that process personal information must register with the Information Commissioner's Office. • The departments of a company that are holding personal information are required to have adequate security measures in place. Those include technical measures and organisational measures. • Subjects have the right to have factually incorrect information corrected

The act contains eight “Data Protection Principles”. These specify that personal data must be: 1. Processed fairly and lawfully.
• All the service uses such as jean should know about all records kept and be told they are being kept. • Jean must be told with whom information will be shared and why, and asked to give their permission. • Jean must be told of their rights to access the information 2. Obtained for specified and lawful purposes.

• There must be a lawful purpose to hold the data on individuals, for example, to provide, monitor and review services. 3. Adequate, relevant and not excessive.
• Organisations should only keep information they need to provide services, nothing more nothing less 4. Accurate and up to date.
• Before storing the facts they most be checked.
• Jean records should be reviewed regularly to make sure all the information is correct. • Changes to service users circumstances must be recorded 5. Not kept any longer than necessary.

• There must be a deposal date for records. The setting must destroy the records when the data is due. • Adoption records and records of those who committed offences my be kept for 00 years

6. Processed in accordance with the “data subject’s” (the individual’s) rights. • All individuals have the right to access their data and rights as to when data can be passed on and to whom. They have control over their data. 7. Securely kept....
tracking img