Information Security Legislation
|
Legislation All users of computer systems have to abide by UK and EC legislation and other relevant legislation. This requirement devolves to the employees who may be held responsible for any breach These Acts are of particular relevance to computer information security.
|
|
|
Data Protection Act "appropriate security measures shall be taken against unauthorised access to, or alteration, disclosure or destruction of personal data and against accidental loss or destruction of personal data" This act is designed to protect information held about individuals by any organisation. The quote explains the intent of the Act. All holders of this kind of information are required to register themselves.
|
Copyright, Designs and Patent Act "the owner of the copyright has the
exclusive right When computer programs are sold, a royalty is paid per copy to the author or owner of that program. Any copies made in addition to the number of licences paid for are illegal. The local Trading Standards Office regulate unauthorised software copying and offences are taken very seriously.
|
|
Computer Misuse Act "1. A person is guilty of an offence if- (a) He causes a computer to perform any function with intent to secure access to any program or data held in any computer (b) The access he intends to secure is unauthorised" 2. (b) to facilitate the commission of such an offence It is an offence to attempt to access any computer system without authorisation or to allow anyone else to. It is similar to the idea of trespass on private property.
|
Norfolk
County Council - Standards of Behaviour
Gross Misconduct - includes "Serious mis-use of County Council property,
including computers (for example, the use of unauthorised software,
allowing access by unauthorised persons, obtaining or seeking to obtain
access without authority)
|
"