Summary A.P3 Explain why organisations must adhere to legal requirements when considering IT systems security. | UNIT 7: IT SYSTEMS SECURITY AND ENCRYPTION | BTEC Computing
Course: Unit 7 - IT Systems Security and Encryption
Institution: PEARSON (PEARSON)
Seller: BTECcomputingANDbusiness
P3 Legal requirements: IT systems security
As an online software company that deals with money transfers, you will need to follow a number
of pieces of legislation, as you are dealing with highly confidential information in the form of bank
account details. These requirements relate to how the data is used and how it is stored, and they must
be followed closely to avoid prosecution by the authorities. Prosecution takes the form of fines and
possible imprisonment, as not following these requirements is breaking the law. The main IT security
legislation is listed below:
Data Protection Act 2018 - General Data Protection Regulation (GDPR)
This legislation replaces the old ‘Data Protection Act 1998’ and controls how businesses,
organisations or governments use your personal data when it is stored on computer systems or as hard
copies. In your company you must follow the ‘data protection principles’, which can be split into 6
sections:
1. Used fairly, lawfully and transparently - all data that is stored must be used with an honest
reason, within the law and the need to use it must be made clear.
2. Used for specified, explicit purposes - you must state clearly the reason to use any data, and
this reason must be clear.
3. Used in a way that is adequate, relevant and limited to only what is necessary - the data
must be used only to complete what is necessary and nothing more; its use should be
acceptable and appropriate.
4. Accurate and, where necessary, kept up to date - all data which is stored must be updated
when needed to keep all the information accurate. This includes any changes to mobile
numbers or addresses - these must all be kept up-to-date.
5. Kept for no longer than is necessary - data should only be stored while it is needed, for
example while you are dealing with a client. When you no longer need this information
on the client, it must be destroyed/deleted, as it is no longer necessary to hold such
information about someone or their business.
6. Handled in a way that ensures appropriate security, including protection against unlawful
or unauthorised processing, access, loss, destruction or damage - as a company or
organisation all data must be secure and have suitable protection. It should only be able to
be seen by authorised personnel, whilst not being subject to loss, destruction or damage.
An example of organisations not following GDPR regulations is
certain NHS trusts across the UK. They could face fines from the
Information Commissioner’s Office (ICO) after they failed to
pay the new data protection fee. As a company, we would need to
abide by these regulations to avoid any financial penalties.
Alongside these principles, people have rights to find out what
sort of information the organisation or business stores about
them. As an online software company, you will have to disclose
any information you store about anyone (if they wish to be