Employment law Data protection Employment Law Features

How did you do?

by Personnel Today 24 May 2005

To continue reading please register or login to your OHW+ account.

1. Answer: (c)

Explanation: There are eight data protection principles put in place by the Data Protection Act 1998. These say that data must:

- be processed fairly and lawfully

- be processed for limited purposes

- be adequate, relevant and not excessive in relation to the processing purpose(s)

- be accurate and kept up to date

- not be kept for longer than necessary

- be processed in line with the data subject's rights

- secure

- not be transferred to countries without adequate data protection.

2. Answer: (a)

Explanation: While data held in a 'relevant filing system' is covered by the Data Protection Act 1998, manual files that are not stored in an organised way are unlikely to be included.

3. Answer: (c)

Explanation: 'Sensitive personal data' includes information about an individual's racial or ethnic origin, political opinions, religious or other beliefs, trade union membership, physical or mental health condition, sex life, and criminal proceedings or convictions.

4. Answer: (b)

Explanation: The first data protection principle in the Data Protection Act 1998, Schedule 1, prohibits the processing of sensitive personal data unless one of the conditions in Schedule 3 is met. The condition in paragraph 10 of Schedule 3 is that the processing of sensitive personal data is carried out in circumstances specified by the Secretary of State. Such circumstances are specified in the Data Protection (Processing of Sensitive Personal Data) Order 2000. Neither the Data Protection Act 1998, Schedule 3, nor the Data Protection (Processing of Sensitive Personal Data) Order 2000 specifies the condition set out in (b).

5. Answer: (a)

Explanation: The Data Protection (Subject Access) (Fees and Miscellaneous Provisions) Regulations 2000, regulation 3 provides that, except in specified cases, the maximum fee that a data controller can charge for access to data under the Data Protection Act 1998, section 7(2) is 10.

6. Answer: (c)

Explanation: Under the Data Protection Act 1998, section 7(10) an employer must respond to a subject access request within 40 days once it has the fee for the request together with any further information that it reasonably requires to satisfy itself as to the identity of the person making the request and to locate the required

Personnel Today

Tribunal applications fall by 24% under statutory procedures

How behavioural economics can shape your business (Webinar) PROMOTED | Do you define business success by large-scale achievements or dramatic changes...Read more
Talent turmoil: hiring in a post-pandemic world (webinar) PROMOTED | The pandemic has created a perfect storm for resourcing professionals...Read more
Menopause: Fostering a culture of inclusion at work (webinar) PROMOTED | For organisations committed to fostering a diverse and inclusive culture, not offering menopause support is no longer an option...Read more
Digitising HR in the new world of work PROMOTED | HR teams are increasingly having to rely on technology to keep employees connected...Read more
A guide to buying an RPO PROMOTED | A successful relationship starts by setting up an equal partnership from the off...Read more

How did you do?

Tribunal applications fall by 24% under statutory procedures

Over-50s campaign could signal end of golden age

You may also like