The Data Protection Act 1998 and pensions [Archived]
Produced in partnership with Pinsent Masons
Practice notesThe Data Protection Act 1998 and pensions [Archived]
Produced in partnership with Pinsent Masons
Practice notes
Before the EU General Data protection Regulation came into force on 25 May 2018, the Data Protection Act 1998 (DPA 1998) outlined the data protection obligations for pension scheme trustees and employers when 'Processing' 'Personal data' as 'data controller' (see: Terminology below).
For more information on the data protection requirements applicable in a pensions context on and from 25 May 2018, see Practice Note: Data protection for pensions lawyers.
Terminology
Terms commonly used within the DPA 1998 included:
- •
Processing: all-encompassing term that includes obtaining, recording, holding, using, disclosing or erasing data
- •
Data subject: an individual who is the subject of the data held. Typical data subjects in a pension scheme are scheme members, and any beneficiaries or dependants of the members
- •
Personal data: data relating to a living individual who can be identified from that data
- •
Data controller: person/organisation controlling the data and responsible for complying with the provisions of the DPA 1998. For pension schemes, it was typically the trustees of an occupational pension scheme who, as data controllers,
Access this content for free with a 7 day trial of LexisNexis and benefit from:
- Instant clarification on points of law
- Smart search
- Workflow tools
- 42 practice areas
Get your quote today and take step closer to being able to benefit from:
- Instant clarification on points of law
- Smart search
- Workflow tools
- 36 practice areas
Get a LexisNexis quote
* denotes a required field
To view the latest version of this document and thousands of others like it,
sign-in with LexisNexis or register for a free trial.
CONTACT US
