Legislation affecting IT.
* The Digital Economy Act: This is basically a long set of instructions to Ofcom to draw up guidelines for rights holders and ISPs on how they deal with net piracy. http://news.bbc.co.uk/1/hi/technology/8604602.stm
- The Data Protection Act. - http://news.bbc.co.uk/1/hi/uk/3344075.stm
- aimed at protecting the rights of the individual to privacy.
- If an organisation holds data on individuals it must register under the act.
- Personal Data should be processed fairly and lawfully.
- Personal Data should be held only for registered purpose/s.
- Personal Data should not be disclosed in anyway other than lawfully and within the registered purpose.
- Personal Data held should be adequate and relevant and not excessive for the required purpose.
- Personal data should be accurate and kept up-to-date.
- Personal data should not be kept for longer than is necessary.
- Data must be processed in accordance with the rights of the data subjects.
- Appropriate security measures must be taken against unauthorised access.
- Individuals should be informed about the data stored and should be entitled to have access to it and be able to correct errors.
- Personal data cannot be transferred to countries outside the European Union unless the country provides an adequate level of protection.
- The Computer Misuse Act - http://www.bbc.co.uk/schools/gcsebitesize/ict/legal/1dataandcomputermisuserev2.shtml
- Before this act it was not possible to prosecute a 'hacker'. The act created 3 new offences.
- Unauthorised access to computer material (viewing data which you are not authorised to see).
- Unauthorised access with intent to commit or facilitate commission of further offences (hacking).
- Unauthorised modification of computer material.
- Copyright Designs and Patents Act - http://news.bbc.co.uk/1/hi/england/somerset/8221014.stm
- This act protects software developers from having their software copied and pirated.
- A software audit should be carried out by an organisation to ensure all its software is legal.
- Health and Safety - not applicable to the security report
- Both employers and employees are obliged to implement the relevant Health and Safety provisions, which are designed to provide a safe and healthy working environment.