Under UK GDPR How Many Principles Are There

The seven key principles on which UK GDPR is based are reasonably pervasive in guiding the processing of personal data. Actually, these are considered the cornerstone for proper data processing and are thus a basis upon which an organization will act legally and ethically in managing personal information.


Lawfulness, Fairness, and Transparency

The provision is the basis for processing personal data lawfully, fairly, and transparently. Organisations should have a justification for collecting data and not violate any law in the process. More importantly, organisations should provide sufficient information to the individuals as to how their data will be used without concealing anything.

Purpose Limitation 

Data must be collected for explicit, well-defined, and legitimate purposes. When the data is being collected, an organization must provide notice to individuals for what purpose it’s collecting. If the use for data that is eventually put to a new use : Must be Warranted by Law; Must be Fair; Must fall within the original purpose.


Data Minimisation 

Organisations must collect only the amount of data required, avoiding any unreasonable or excessive collection. The data should be adequate and relevant for its intended purpose, but nothing more.

 

Accuracy

This principle puts much emphasis on the accuracy of maintaining personal information up to date. If the information is incorrect, then every possible effort must be made to rectify the same with minimum delay.

Storage Limitation

Organisations must periodically review the data they hold and erase or anonymise it whenever it is no longer needed.


Integrity and Confidentiality (Security) 

An appropriate level of security is expected of an organisation to guard personal data. This means guarding against unauthorized access, accidental loss, or damage by using both technical and organisational methods.


Accountability

Finally, this places the burden of proof on organizations to show that they are adhering to the regulations. Organizations are expected to have in place procedures established and to be able to demonstrate that they are adhering to the other six principles.

Organisations will be able to process data within the law and in an ethical manner by observing these principles. In their disregard lie heavy fines and penalties, but most importantly, they serve to destroy trust in individuals whose data is being handled. Success with data protection comes with keeping it simple, clear, and responsible.

 

Click for more information 

Featured