The Computer Misuse Act 1990

The Act

The offences are:

• unauthorised access to computer material
• unauthorised access with intent to commit or facilitate commission of further offences
• unauthorised acts with intent to impair, or with recklessness as to impairing, operation of computer, etcetera

The Act also makes it an offence to make, adapt, supply or obtain articles for use in unlawfully gaining access to computer material or impairing the operation of a computer.

Access is defined in the Act as:

• altering or erasing the computer programme or data
• copying or moving the programme or data
• using the programme or data
• outputting the programme or data from the computer in which it is held (whether by having it displayed or in any other manner)

Unlawful access is committed if the individual intentionally gains access; knowing he is not entitled to do so; and aware he does not have consent to gain access.

• The Computer Misuse Act 1990 is available on the www.legislation.gov.uk website

Records management considerations

It is important that all staff members are aware of and comply with all security measures put in place to protect all of the organisation’s records.

The organisation should have policies and procedures in place to facilitate compliance alongside disciplinary measures for failure to comply.