# Data Protection Act, 2012
# ARRANGEMENT OF SECTIONS
# Section
# Data Protection Commission
- Establishment of Data Protection Commission
Object of the Commission 3.Functions of the Commission 4Governing body of the Commission 5.Tenure of office of members .Meetings of the Board 7.Disclosure of interest 8. Establishment of committees 9. Allowances 10. Ministerial directives
# Administration
- Appointment of Executive Director
1.Functions of the Executive Director 13. Appointment of other staff
# Finances of the Commission
14.Funds of the Commission 15. Accounts and audit 16. Annual report and other reports
# Application of principles of data protection
17.Privacy of the individual 18.Processing of personal data 19. Minimality 20.Consent, justification and objection 21.Collection of personal data Collection of data for specific purpose 23.Data subject to be made aware of purpose of collection 24.Retention of records 25.Further processing to be compatible with purpose of collection 26.Quality of information 27.Registration of data controller
# Data Protection Act, 2012
28.Security measures 29.Data processed by data processor or an authorised person 30.Data processor to comply with security measures 31.Notification of security compromises 32. Access to personal information 33. Correction of personal data 34. Manner of access
# Rights of data subjects and others
35.Right of access to personal data 3.Credit bureau as data controller
# Processing of special personal data
37.Processing of special personal data prohibited 38Exemption related to religious or philosophical beliefs of data subject Right to prevent processing of personal data 40Right to prevent processing of personal data for direct marketing Rights in relation to automated decision-taking 42.Rights in relation to exempt manual data 43.Compensation for failure to comply 44Rectification, blocking, erasure and destruction of personal data 45.Application of the Act
# Data Protection Register
- Establishment of Data Protection Register
47Application for registration 48.Right to refuse registration 4Grant of registration 50. Renewal of registration 51. Removal from Register 5Cancellation of registration 53. Processing of personal data without registration prohibited 54Access by the public 55.Duty to notify changes 5.Failure to register
# Data Protection Act, 2012
57Assessable processing 58. Appointment of data protection supervisors 59. Fees
# Exemptions
- National security
- Crime and taxation
- Health, education and social work
3.Regulatory activity 64. Journalism, literature and art 65.Research, history and statistics 66.Disclosure required by law or made in connection with a legal proceeding 67. Domestic purposes 68.Confidential references given by data controller 69. Armed Forces 70. Judicial appointments and honours Public service or ministerial appointment 72. Examination marks 73. Examination scripts 7.Professional privilege
# Enforcement
- Enforcement notice
- Cancellation of enforcement notice
77.Request for assessment 78.Determination by the Commission Restriction on enforcement in case of processing for special purposes 80.Failure to comply with notice 81. Authorised officers
# Records obtained under data subject's right of access
82.Conditional request for personal data prohibited 83.Demand for health records
# Information provided to Commission
84.Disclosure of information 85.Confidentiality of information
# Miscellaneous and general provisions
8.General duties of the Commission 87. International co-operation 88.Prohibition to purchase, obtain or disclose personal data