Data Protection Act

Data Protection for organisations

Your responsibilities and obligations to data protection

If you handle personal information about individuals, you have a number of legal obligations to protect that information under the Data Protection Act 1998.

.

We've highlighted six key questions on data protection, our guide to the Act, and a range of topic guides on the right hand side.

How do I respond to a subject access request?

Do I need to notify and how do I maintain my register entry?

Can I send personal data overseas?

What security measures should I take to protect the personal data I hold? 

What should I do if I lose personal data?

What is an audit and how can I request one?

 

Guide to Data Protection – definitions, principles and practical examples

If you handle personal information about individuals, you have a number of legal obligations to protect that information. Find out more here.

Guidance index

View a full list of our data protection guidance. 

Sector guides

Where do you work? We’ve produced a set of sector specific guides.

FAQs

Can't find what you're looking for? Our FAQs might help.

Useful items


  • Legislation

    Read the full text of the Data Protection Act 1998 and the Privacy and Electronic Communications (EC Directive) Regulations 2003.

  • Promoting data privacy for individuals

    The ICO is committed to upholding the data privacy of individuals.

  • Personal information

    The Data Protection Act gives individuals the right to access information that is held about them and stop it being misused.