Presentation is loading. Please wait.

Presentation is loading. Please wait.

Learning Intention Legislations impact on security of information

Published byClifford O’Neal’ Modified over 6 years ago

Similar presentations

Presentation on theme: "Learning Intention Legislations impact on security of information"— Presentation transcript:

1 Learning Intention Legislations impact on security of information
By the end of this lesson you will: Be able to name the relevant legislation Identify the key points of the legislation Understand the effect this has on an organisation

2 WHAT ARE THE COMMAND WORDS & HOW DO THEY AFFECT OUR ANSWER?
Homework Questions WHAT ARE THE COMMAND WORDS & HOW DO THEY AFFECT OUR ANSWER? Outline 2 offences under the Computer Misuse Act 1990 (2 marks) Describe ways in which an organisation can prevent computer viruses. (6 marks) is an important method of communication. Describe the impact of on an organisation. (4 marks) Due Friday 25 October

3 Legislation relating to security & confidentiality of information & computer misuse
Data Protection Act 1984 & 1998 Freedom of Information Act 2000 Copyrights, Designs & Patents Act 1988 Computer Misuse Act 1990

4 Data Protection Act 1984 & 1998 The main purpose of this act is to balance the rights of those that lawfully hold our data for processing purposes, and our own rights. Key words relating to the Data Protection Act Personal Data – data about a living individual Data Subject – the individual that the data is about. We have rights that must not be infringed by organisations that hold and process out data Data Controller – the individual/organisation that holds the data e.g. school, college, bank, hospital etc. Data controllers have certain obligations that they must adhere to when holding and processing personal data

5 Data Controller Obligations
They must notify the Information Commissioner’s Office to let them know what personal data they are holding and why. They must also pay a fee and register as a data controller. There are 8 principals that they must adhere to Fairly & lawfully obtained and processed Accurate & up-to-date Adequate, relevant and not excessive Processed for limited purposes Held securely Not retained for longer than necessary Processed in accordance with the individuals rights Not be transferred to countries outside the EU unless the country has adequate protection for the individual

6 Rights of Individual Subject access – you can find out what is held on computer about you Prevent processing – you can ask a data controller not to process the information Direct marketing – you can ask that your data is not used for direct marketing Automatic decision making – you can object to decisions being made on your behalf on account of the data held Compensation – you can claim compensation for damage or distress if the Act is breached Rectify, block, erase and destroy – if the data is not accurate of has opinions based on inaccurate information you can apply to the courts to force the data controller to rectify, block, erase or destroy the data

7 What do we mean by fairly processed?
The data subject must have consented to the processing The processing must be necessary The processing is necessary under a legal obligation, for example, disclosure to check for criminal records of anyone working with minors The processing is necessary to protect the interests of the data subject It is needed to carry out a public function It is necessary to pursue the legitimate interests of the data controller or third parties (unless it could unjustifiably prejudice the interest of the individual)

8 Freedom of Information Act 2000
This act: Applies to public authorities Gives a statutory right to information Provides for the release of exempt information in the public interest

9 Freedom of Information Act 2000
To comply with FOI public authorities must Establish a publication scheme which means they commit to publishing information Classify what information they will publish, such as staff policies Indicate if there will be a charge for publishing the information Therefore the FOI Act means that information previously regarded as “secret” will ultimately be available to everyone

10 Copyright, Designs & Patents Act 1998
Gives the authors of written and recorded works rights about how their works can be used Works covered by the Act include books, films, music and computer programmes Purpose of the Act is to ensure exclusive ownership of the work is retained and no unauthorised copying of the work takes place

11 Copyright, Designs & Patents Act 1998
The Act gives the author/owner rights over their material regarding Copying, adapting and distributing Electronic communication (including broadcasting) Renting or lending to the public Public performances of the work

12 Copyright, Designs & Patents Act 1998
Organisations must be careful not to infringe copyright when it comes to computer software. Each organisation must ensure that They have purchased enough licences for their use Employees do not copy software The content of CD-ROMS is not printed or copied CDs and software are not copied Information from the internet is not copied without permission

13 Computer Misuse Act 1990 This Act makes it illegal to carry out offences against computer systems or the data held on the system. 3 specific offences relate to: Unauthorised access to computer material Unauthorised access with the intention of committing further offences Unauthorised modification of computer material

14 Computer Misuse Act 1990 Access – it is an offence to log on to a computer system using the login details of a colleague or friend; this also applies to people who hack into computer systems Further offences – it is an offence to access a computer system with the intention of deleting or modifying data (you can commit an offence even if you do not succeed in your aim) Modification – it is an offence to modify information on a computer system if you have not been authorised to do so

15 Legislation relating to security & confidentiality of information & computer misuse
Data Protection Act 1984 & 1998 Freedom of Information Act 2000 Copyrights, Designs & Patents Act 1988 Computer Misuse Act 1990

16 Outline 2 offences under the Computer
Homework Solutions Outline 2 offences under the Computer Misuse Act 1990 (2 marks) Unauthorised access of computer material. Unauthorised access with the intent to commit or help further offences. Unauthorised changes to contents of any computer.

17 Homework Solutions Describe ways in which an organisation can prevent computer viruses. (6 marks) Install high quality antivirus software on all computers and ensure that antivirus software is updated regularly. Firewalls can be installed to prevent outside sources accessing system/data. This is important to organisations which run web-sites. Forbid employees from using disks which have been used on computer systems out with the organisation unless checked on a standalone PC. Install software which filters “spam” s. The user can then releases/mark as safe/deletes the as required. Inform and advise staff on organisational procedures e.g. organise training, hands-on demonstrations, prevention of downloading software etc.

18 Homework Solutions is an important method of communication. Describe the impact of on an organisation. (4 marks)

19 Class Questions List 3 principals of the Data Protection Act
Give one example of how an organisation might infringe copyright law when using software Identify 2 pieces of legislation that staff using ICT should be familiar with

20 Class Questions - Solutions
List 3 principals of the Data Protection Act data must be Fairly & lawfully obtained & processed Accurate & up to date Adequate Relevant & not excessive Processed for limited purposes Held securely Not retained for linger than necessary Processed in accordance with the individuals rights Not be transferred to countries outside the EU

21 Class Questions - Solutions
Give one example of how an organisation might infringe copyright law when using software Examples include They have not purchased enough licences for their use Employees copy software The content of CD-ROMS is printed or copied CDs and software are copied Information from the internet is copied without permission

22 Class Questions - Solutions
Identify 2 pieces of legislation that staff using ICT should be familiar with

23 Outline More than naming, but not a detailed description. Candidate will not be expected to develop their answers. Solution

24 Homework Questions Due Tuesday 6 October
Describe the effect of poor file management to an organisation. (2 marks) Establishing good practice in electronic file management is important to all organisation. Discuss the benefits of this and the consequences of poor file management. (8 marks) Due Tuesday 6 October

25 No marks for simply naming
Describe Award one mark for outline plus one for additional comment, illustration or example. Three ways must be described to gain full marks. No marks for simply naming Solution

Download ppt "Learning Intention Legislations impact on security of information"

Similar presentations

Legal Implications of ICT. In this section will look at: Legal Implications of ICT: ☼ Data Protection Act 1998 ◦ The 8 Principles, ◦ The Data Subject.

Legal Implications of ICT. In this section will look at: Legal Implications of ICT: ☼ Data Protection Act 1998 ◦ The 8 Principles, ◦ The Data Subject.
Data Protection.

Data Protection.
Legislation & ICT By Savannah Inkster. By Savannah Computer Laws 1.Data Protection ActData Protection Act 2.Computer Misuse ActComputer Misuse Act 3.Copyright,

Legislation & ICT By Savannah Inkster. By Savannah Computer Laws 1.Data Protection ActData Protection Act 2.Computer Misuse ActComputer Misuse Act 3.Copyright,
The Health and safety Act, is an act to make further provision for securing the health and safety and welfare of persons at work.For protecting others.

The Health and safety Act, is an act to make further provision for securing the health and safety and welfare of persons at work.For protecting others.
Legislation in ICT.

Legislation in ICT.
University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.

University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.
Health and Safety Legislation

Health and Safety Legislation
Legislation in ICT. Data Protection Act (1998) What is the Data Protection Act (1998) and why was it created? What are the eight principles of the Data.

Legislation in ICT. Data Protection Act (1998) What is the Data Protection Act (1998) and why was it created? What are the eight principles of the Data.
The Data Protection Act The Data Protection Act controls how your personal information is used by organisations, businesses or the government. Everyone.

The Data Protection Act The Data Protection Act controls how your personal information is used by organisations, businesses or the government. Everyone.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview

Data Protection Overview
The Data Protection Act

The Data Protection Act
The Legal Framework Can you work out which slide each bullet point should go on?!

The Legal Framework Can you work out which slide each bullet point should go on?!
CENTRAL SCOTLAND POLICE Data Protection & Information Security Stuart Macfarlane Information Governance Unit Police Service of Scotland.

CENTRAL SCOTLAND POLICE Data Protection & Information Security Stuart Macfarlane Information Governance Unit Police Service of Scotland.
General Purpose Packages

General Purpose Packages
Law Additional Exercise ANSWERS. Question #1 (a) Any one of: gain unauthorised access (1st) to computer material (1) gain (unauthorised) access to computer.

Law Additional Exercise ANSWERS. Question #1 (a) Any one of: gain unauthorised access (1st) to computer material (1) gain (unauthorised) access to computer.
The Data Protection Act 1998 The Eight Principles.

The Data Protection Act 1998 The Eight Principles.
OCR Nationals Level 3 Unit 3.  To understand how the Data Protection Act 1998 relates to the data you will be collecting, storing and processing  To.

OCR Nationals Level 3 Unit 3.  To understand how the Data Protection Act 1998 relates to the data you will be collecting, storing and processing  To.
Data Protection Act AS Module 1 10.8 Heathcote Ch. 12.

Data Protection Act AS Module Heathcote Ch. 12.
Data Protection Corporate training 2012. Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.

Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.

Similar presentations

Ads by Google