The Data Protection Act

The Data Protection Act 1998 covers private and public sector organisations in the UK.
This legislation gives an individual the right to find out what information is held about him or her electronically and in structured records. Since the 1st January 2005, the Freedom of Information Act amended the Data Protection Act 1998 so that any information, including unstructured records, held by an organisation about an individual can be accessed by that individual.

If any of the information held about an individual is incorrect, the individual has the right to correct this (and have the inaccurate information removed / destroyed). There are some exemptions to the right of subject access.

The Data Protection Act 1998 also regulates the use of computerised information and other records in relation to living individuals, and regulates disclosure.

The Information Commissioner, Christopher Graham, administers and enforces the Data Protection Act 1998 throughout the UK.

The European Commission are seeking to change the way in which the UK implements the Directive relating to personal data. It is therefore likely that there will be some significant changes in 2010/2011.

• LOGIN
• HELP DESK
• LIBRARY
• NETWORK MAIL
• BENCHMARKING
• VEXATIOUS REQUESTS

To subscribe to FOI+ please click here

"No organisation can neglect to protect people’s privacy. Not only is it the law, but there is also a hard headed business imperative. This report provides organisations with the tools to produce a financial business case for data protection, ensuring privacy protection is hardwired into organisational culture and governance."

Christopher Graham, Information Commissioner, 3/3/2010