A Guide to Complying with the Data Protection Act
- Price: £3.60
- Published: December 2014
- Type: Business Information Factsheet
- Format: PDF
The Data Protection Act 1998 (the Act) has established the rules for anyone keeping, using or processing personal information about individuals. Most small firms process personal information and it is important for business owners to understand their legal obligations under the Act.
This factsheet explains what personal data is and what business owners and 'data controllers' need to do to comply with the Act. It describes the eight data protection principles and outlines the circumstances in which personal data can be processed lawfully. It also covers privacy notices and the conditions for handling sensitive personal data.
The factsheet explains how to register as a data controller with the Information Commissioner's Office (ICO), the independent authority responsible for upholding information rights in the UK. It also explains how to deal with subject access requests from individuals, and outlines how the Act is enforced.