Sunday, May 18, 2008

Ethics & social responsibilities (MR, unit 4)

Important to behave responsible as research relies on people willing to provide data

Data protection
Legislation exists in most developed countries. Concern due to ...
incorrect details can cause minor irritation to big financial problems
databases may be sold and people receive unwanted contact about other products
inappropriate personalised mailings e.g. people who've died

Data Protection Act 1998 (originally introduced in 80s)
Concerned with personal data about living, identifiable individuals
Gives inds (data subjects) rights and requires 'data controllers' to be open about use of information and follow proper practices

8 data protection principles, data must be...
  1. fairly & lawfully processed
  2. processed for limited purposes
  3. adequate, relevant and not excessive
  4. accurate
  5. not kept for longer than necessary
  6. processed in accordance with individual's rights
  7. secure
  8. not transferred to countries that don't have adequate data protection laws
If org holds data on PC, need to notify (complete form about the data and how it's used to the Office of the Information Commissioner)

Fair processing for limited purposes
Be open about why you want info and have legitimate reason for processing
Explain: who you are, what you intend to use info. for, who intend to give it to (if anyone)

Adequate, relevant, not excessive, accurate and no longer than necessary
Hold neither too much nor too little
Be accurate & up-to-date as far as possible
Remove when no longer required

The rights of data subjects
Individuals have rights to...
  • be informed of all the information held about them by an organisation (written request must be processed within 40 days, max £10 charge)
  • prevent the processing of their data for the purposes of direct marketing
  • compensation if they can show damage caused by contravention
Example: govt tries to block information requests as too costly

Security
Access to PC records for authorised staff (passwords)
Control access by people other than staff (verify identification of callers)
Measures to prevent accidental loss or theft (backups, fire precautions)
Example: HMRC loses 25million child benefit details

Enforcement
Commissioner has powers to force compliance
An enforcement notice means they can enter & search premises
Fines & criminal penalties for holding data without being registered

Professional codes of practice
ICC/ESOMAR code covers rights of respondents, professional responsibilities of researchers, mutual responsibilities of researchers & clients

[read code for key points]
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)