Data Regulations (GDPR)
The Data Protection Act 1998 sets down rules to ensure we can access personal data and to protect us from data breaches.
A huge and growing number of organisations hold large amounts of personal data about us which includes highly sensitive personal information.
Under the General Data Protection Regulations of 2018, the data protection principles set out the main responsibilities for organisations.
- Information must be processed lawfully, fairly and in a transparent manner in relation to individuals
- Information must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
- The information must be used for what it was gathered for
- The information must be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
- Information must be kept in a form which is easy to find and can be destroyed easily if requested and not kept for longer than necessary, beyond the purposes for which the personal data was obtained for
- The information must be processed in a manner that ensures appropriate protection of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical measures.
Public Sector Data Breaches
While the threat of cybercrime is something that is taken seriously, human error remains the leading cause of data breaches in government organisations such as hospitals, councils and the police.
Common breaches include wrongly releasing information to third parties, sending information to the wrong people, or even putting inappropriate things on social media.
As well as data breaches due to a lack of care, individual police officers sometimes breach data protection laws by accessing data outside of lawful policing purposes.
If you believe your personal data has been unlawfully processed our Civil Liberties and Public Law specialists can help you to apply for compensation or advise you on how to reach a satisfactory position.
2 steps to contacting Howells:
We’ll listen carefully to you, clarify what you’re trying to achieve, and then explain if and how we can help you. We will take some initial information and liaise with a legal professional regarding your case. If it looks like we can help, we will book you in for a consultation with a legal professional.