Data controller is legally responsible for the personal information it holds. It may be an individual or an entity.
Responsibilities of a Data Controller
Data controller is a person or an entity who / which controls and is legally responsible for keeping the personal information. Information may be stored in computers or in structured manual files. Data controller decides why and how any personal data should be processed.
If an individual or an organization is responsible for the personal data it holds, then the individual / organization is called as data controller. If an individual / organization just keeps personal data but some other organization is responsible for that data, then that particular organization becomes data controller and the individual / organization becomes data processor.
Responsibilities of a data controller is defined by various acts in different countries. Generally data controller has to ensure compliance with laws like the Data Protection Act of 1998 in the United Kingdom. Data controller is duty bound to comply with the rules prescribed on how to deal with personal data. All the legal procedures related to processing personal data should be adhered to. Data controller also becomes responsible for the actions of the data processor when the later would be carrying out duties on behalf of the former. When ever an individual citizen requests in writing or by email about his personal data, the data controller should inform the individual if they or someone on their behalf is processing that particular individual's data. Details pertaining to what data they possess, to whom is it being disclosed and the purpose of holding that individual's data should be given to the individual on request. Individual will have to pay a nominal fee.
Data controller plays an important role in the current global market scenario where the personal data of an indiviaual is more likely to be misused by vested interests.
If an individual or an organization is responsible for the personal data it holds, then the individual / organization is called as data controller. If an individual / organization just keeps personal data but some other organization is responsible for that data, then that particular organization becomes data controller and the individual / organization becomes data processor.
Responsibilities of a data controller is defined by various acts in different countries. Generally data controller has to ensure compliance with laws like the Data Protection Act of 1998 in the United Kingdom. Data controller is duty bound to comply with the rules prescribed on how to deal with personal data. All the legal procedures related to processing personal data should be adhered to. Data controller also becomes responsible for the actions of the data processor when the later would be carrying out duties on behalf of the former. When ever an individual citizen requests in writing or by email about his personal data, the data controller should inform the individual if they or someone on their behalf is processing that particular individual's data. Details pertaining to what data they possess, to whom is it being disclosed and the purpose of holding that individual's data should be given to the individual on request. Individual will have to pay a nominal fee.
Data controller plays an important role in the current global market scenario where the personal data of an indiviaual is more likely to be misused by vested interests.