Introduction
The Data Protection Act 1998 is the law that governs the processing of personal information held on living, identifiable individuals. You must comply with the Act if your business processes personal information.
The Act requires that you are open about your use of information and follow certain principles for processing that information. These principles are known as the eight data protection principles. The Act also provides individuals with certain rights, including the right of subject access.
This guide explains when and how you must inform the Information Commissioner that you are processing personal information. It goes through the issues that apply to monitoring staff and releasing information to individuals.
Subjects covered in this guide
- Introduction
- The Information Commissioner
- The Data Protection Act
- The eight principles
- Notifying the Information Commissioner
- Exemptions from notifying the Information Commissioner
- Rights of access
- Monitoring employees
- Enforcement and penalties
- Bogus data protection agencies
- Here’s how I complied with the Data Protection Act 1998
