Conor Cunningham P5 P6 M2
Task 1
Use of Information P5
Southern Regional College has decided it is time to update the staff handbook as it is aware
that an increasing number of employees are handling data on a day-to-day basis. You have
been asked to help by producing three sections of the handbook, either for the published
handbook or the business intranet, on issues related to the use of information.
a) Section 1 should explain the following topics including how the organisation
administers these issues:
Legal issues in relation to the use of information.
Ethical issues in relation to the use of information. (P5)
Introduction
This task will investigate the importance of SRC to uphold legal obligations and how they are
relevant to the colleges operations. Three legal issues will be looked at which include;
- Data Protection Act
- Computer Misuse Act
- Freedom of Information Act
These legal issues protect both the SRC from legal actions and the students from harm. If
these acts are ignored, it could leave people at risk or in danger of doing something illegal. It
is important that these acts are followed and adhered to which will ensure the protection of
everyone within the SRC.
Legal Issues
There are three legal issues which SRC must follow and not breach in any way. Following
these legal issues ensure the people who make up the college are safe at all times. Below
will look at each act in more detail.
Data Protection Act 1998
The Data Protection Act controls how people’s information is used and dealt with. Those
responsible for using data must follow a strict protocol. For example, those who make up
SRC. They must ensure that the information is;
used fairly and lawfully
used for limited, specifically stated purposes
used in a way that is adequate, relevant and not excessive
,Conor Cunningham P5 P6 M2
accurate
kept for no longer than is absolutely necessary
handled according to people’s data protection rights
kept safe and secure
not transferred outside the European Economic Area without adequate protection
https://www.gov.uk/data-protection/the-data-protection-act
The Data Protection Act is all about protecting the rights and privacy of people, ensuring
their information is dealt with accordingly and appropriately at all times. SRC comply with
this act successfully. All of the information they have on students is stored privately and not
accessible by the public. For example, a students name, address, contact details and results.
This can be seen by the college, and the particular person in question. However, as SRC
comply with the Data Protection Act, they have strict policies to ensure this information is
handled in the correct way and that the act is not breached.
,Conor Cunningham P5 P6 M2
If SRC don’t comply with the act, it could lead to significant problems. If a student feels their
information isn’t handled in the correct way which abides by the Data Protection Act, they
could take legal action against the college. This could lead to court and potential fines
depending on the severity of the breach of conduct. If a student within the college fails to
comply with the policy, it could lead to a dismissal or possible expulsion from the college.
This act is taken very seriously and is in place at all times. From the SRC Data Protection
Policy, it is clear that the college take the act very seriously and is implemented throughout
the college. The policy shows the responsibility of everyone in the college in
correspondence with the act.
As a result of the SRC having a Data Protection Policy, it means that all staff and students
know how to handle data and information. This ensures that data is handled according to
peoples data protection rights and is kept safe and secure. This is a huge advantage in SRC
as it means that all information is handled in the correct way and is used appropriately.
Subsequently, this allows for a college which is safe and secure and where no individuals
data protection rights are in breach.
, Conor Cunningham P5 P6 M2
“The Southern Regional College (SRC) is committed to protecting the rights and privacy of
individuals, including staff, students and others in accordance with the Data Protection Act
1998 (DPA 1998). In order to comply with the legislation the College aims to ensure that
information about individuals is collected and used fairly, stored safely and securely and not
disclosed to any unauthorised third party.” The act is clearly implemented to the policy of
SRC and this can be seen from the way in which SRC carries out operations such as
protecting students and employee’s information.
http://moodle.src.ac.uk/mod/folder/view.php?id=20120
Computer Misuse Act 1990
The Computer Misuse Act was passed by the British government and was introduced to
fight the growing threat of hackers and hacking. It ensures that the internet and related
technology is used as safely as possible and that people are using the internet appropriately
at all times.
The Act introduced three criminal offences:
1) Unauthorised access to computer material.
2) Unauthorised access with intent to commit or facilitate commission of further
offences.
3) Unauthorised modification of computer material.
The act makes it an offence to access or even attempt to access a computer system without
the appropriate authorisation. It reinforces how important it is to use computers safely and
in the correct way. Since the act was introduced, it has seen a massive decrease in hacking
and related issues. It has also means more people can be disciplined as a result of breaching
the act as the principles of the act are clearly highlighted.
http://www.legislation.gov.uk/ukpga/1990/18/contents
The SRC has an ICT Network Acceptance Use Policy which aims to make the computer
system within the college as safe as possible for all staff and pupils. The general principles of
the policy can be seen below;
All staff and learners of Southern Regional College are permitted and encouraged to
use the College's ICT facilities, including the public Internet, provided that the
conditions of use are adhered to.
The Internet and Intranet are to be used in a manner that is consistent with the
College's standards.
Task 1
Use of Information P5
Southern Regional College has decided it is time to update the staff handbook as it is aware
that an increasing number of employees are handling data on a day-to-day basis. You have
been asked to help by producing three sections of the handbook, either for the published
handbook or the business intranet, on issues related to the use of information.
a) Section 1 should explain the following topics including how the organisation
administers these issues:
Legal issues in relation to the use of information.
Ethical issues in relation to the use of information. (P5)
Introduction
This task will investigate the importance of SRC to uphold legal obligations and how they are
relevant to the colleges operations. Three legal issues will be looked at which include;
- Data Protection Act
- Computer Misuse Act
- Freedom of Information Act
These legal issues protect both the SRC from legal actions and the students from harm. If
these acts are ignored, it could leave people at risk or in danger of doing something illegal. It
is important that these acts are followed and adhered to which will ensure the protection of
everyone within the SRC.
Legal Issues
There are three legal issues which SRC must follow and not breach in any way. Following
these legal issues ensure the people who make up the college are safe at all times. Below
will look at each act in more detail.
Data Protection Act 1998
The Data Protection Act controls how people’s information is used and dealt with. Those
responsible for using data must follow a strict protocol. For example, those who make up
SRC. They must ensure that the information is;
used fairly and lawfully
used for limited, specifically stated purposes
used in a way that is adequate, relevant and not excessive
,Conor Cunningham P5 P6 M2
accurate
kept for no longer than is absolutely necessary
handled according to people’s data protection rights
kept safe and secure
not transferred outside the European Economic Area without adequate protection
https://www.gov.uk/data-protection/the-data-protection-act
The Data Protection Act is all about protecting the rights and privacy of people, ensuring
their information is dealt with accordingly and appropriately at all times. SRC comply with
this act successfully. All of the information they have on students is stored privately and not
accessible by the public. For example, a students name, address, contact details and results.
This can be seen by the college, and the particular person in question. However, as SRC
comply with the Data Protection Act, they have strict policies to ensure this information is
handled in the correct way and that the act is not breached.
,Conor Cunningham P5 P6 M2
If SRC don’t comply with the act, it could lead to significant problems. If a student feels their
information isn’t handled in the correct way which abides by the Data Protection Act, they
could take legal action against the college. This could lead to court and potential fines
depending on the severity of the breach of conduct. If a student within the college fails to
comply with the policy, it could lead to a dismissal or possible expulsion from the college.
This act is taken very seriously and is in place at all times. From the SRC Data Protection
Policy, it is clear that the college take the act very seriously and is implemented throughout
the college. The policy shows the responsibility of everyone in the college in
correspondence with the act.
As a result of the SRC having a Data Protection Policy, it means that all staff and students
know how to handle data and information. This ensures that data is handled according to
peoples data protection rights and is kept safe and secure. This is a huge advantage in SRC
as it means that all information is handled in the correct way and is used appropriately.
Subsequently, this allows for a college which is safe and secure and where no individuals
data protection rights are in breach.
, Conor Cunningham P5 P6 M2
“The Southern Regional College (SRC) is committed to protecting the rights and privacy of
individuals, including staff, students and others in accordance with the Data Protection Act
1998 (DPA 1998). In order to comply with the legislation the College aims to ensure that
information about individuals is collected and used fairly, stored safely and securely and not
disclosed to any unauthorised third party.” The act is clearly implemented to the policy of
SRC and this can be seen from the way in which SRC carries out operations such as
protecting students and employee’s information.
http://moodle.src.ac.uk/mod/folder/view.php?id=20120
Computer Misuse Act 1990
The Computer Misuse Act was passed by the British government and was introduced to
fight the growing threat of hackers and hacking. It ensures that the internet and related
technology is used as safely as possible and that people are using the internet appropriately
at all times.
The Act introduced three criminal offences:
1) Unauthorised access to computer material.
2) Unauthorised access with intent to commit or facilitate commission of further
offences.
3) Unauthorised modification of computer material.
The act makes it an offence to access or even attempt to access a computer system without
the appropriate authorisation. It reinforces how important it is to use computers safely and
in the correct way. Since the act was introduced, it has seen a massive decrease in hacking
and related issues. It has also means more people can be disciplined as a result of breaching
the act as the principles of the act are clearly highlighted.
http://www.legislation.gov.uk/ukpga/1990/18/contents
The SRC has an ICT Network Acceptance Use Policy which aims to make the computer
system within the college as safe as possible for all staff and pupils. The general principles of
the policy can be seen below;
All staff and learners of Southern Regional College are permitted and encouraged to
use the College's ICT facilities, including the public Internet, provided that the
conditions of use are adhered to.
The Internet and Intranet are to be used in a manner that is consistent with the
College's standards.
