ABSTRACT
The Data Protection Act 1984 provided that computer-held personal information should be made available to individuals, in order that the person concerned may check the accuracy of the data. The Data Protection Act 1998 replaced and repealed the 1984 Act. The Act applies only to personal data, defined in section 1(1), and confers the right to be informed of whether data is being held and to have that data communicated to the subject. The data covered by the Act is wider than under the 1984 Act and relates to both computer held records and manual files. Disclosure may be refused where it would, inter alia, damage national security, or be counter to the interests of the prevention or detection of crime or the apprehension or prosecution of offenders (sections 28 and 29). The Information Commissioner supervises the operation of the Act, and may issue enforcement notices on any data controller who is not acting in accordance with the principles of the Act (see section 4 and Schedule 1). The Commissioner lays an annual report before Parliament. The Access to Personal Files Act 1987 provides that individuals have the right to inspect records relating to social services and housing tenancies. Medical records prepared for insurance or employment purposes are accessible under the Access to Medical Reports Act 1988. The Access to Health Records Act 1990 gives patients the right to see records held by general practitioners, health authorities or NHS trusts.
