Data is not defined
This Act ensures the protection of persons' data that is held with someone or an institution.
citizens, international persons
This Act regulates the protection of data and ensures that the privacy of individuals in relation to their data is maintained. Key details include:
(1) There is hereby established a body to be known as the Information and Data Commission. (2) The Commission shall be a public office, and the provisions of the Public Service Act shall apply to the Commission and its officers.
(1) The Commission shall do all such things as are necessary to protect the personal rights of individuals with regard to their personal data, and shall ensure the effective application of and compliance with this Act, in particular, to the protection of personal data, access, rectification, objection and cancellation of such data. (2) without derogating from the generality of subsection (1), the Commission shall: (a) ensure compliance with the provisions of the Statistics Act (i) with regard to the collection of statistical data and statistical secrecy and (ii) to issue precise instructions and give opinions on the security safeguards in place for files set up for purely statistical purposes (b) to instruct a data controller to take such measures which are necessary to ensure that the processing of personal data is in accordance with this Act (c) provide guidance and instructions on appropriate measures to ensure the security of personal data (d) conduct research and studies, and promote educational activities relating to protection of personal data (e) provide information to persons on their rights connected to the processing of personal data (f) receive reports and claims from a data subject or his or her representative in regard to a violation of this Act, and to take such remedial action as is necessary or as may be prescribed (g) investigate complaints from data subjects and respond to queries of such complaints (h) monitor and adopt any authorisation for transborder flow of personal data, and to facilitate international cooperation on the protection of personal data (i) create and maintain a public register of all data controllers (j) obtain information from data controllers, where information is necessary for the exercise of its functions (k) prepare and disseminate a code of practice for data controllers (l) issue, where applicable, instructions required to bring processing operations in line with the principles of this Act (m) publicise the existence of personal data files, and regularly publish a list of such files and any other information that the Commission deems necessary (n) record all directions received for the Minister in the course of the year (o) perform any other functions that may be conferred on it by the Minister
(1) A data controller, a data processor or a person acting under authorisation of the data controller or the data processor, shall, in order to safeguard the security of personal data, take appropriate technical and organisational security measures necessary to protect personal data from:
Data Protection Acts