Data Protection Guidance for Organisations

Any business or organisation that processes personal data must do so in accordance with the provisions of the Data Protection Act and, in particular, the data protection principles.

This section contains detailed guidance on how to comply with the Act.  

Guidance on all aspects of the Act is available in the document library and the UK Information Commissioner's website contains a self assessment toolkit to assist small and medium sized organisations assess their compliance with the Act.

Organisations in both the public and private sector must also determine whether the new European General Data Protection Regulation applies to the processing undertaken and make themselves familiar with the new requirements which must be complied with in addition to the requirements of the existing Data Protection Act.