The Data Protection Act requires anyone who handles personal information to comply with a number of important principles. It also gives individuals rights over their personal information.
If you handle personal information, you have a number of important legal obligations. All the details are here.
The ICO produces detailed guidance which provides organisations and individuals with all the information they need to know about the Data Protection Act.
The ICO has legal powers to ensure that organisations comply with the requirements of the Data Protection Act. It is important to note that these powers are focused on ensuring that organisations meet the obligations of the Act.
The ICO carries out consensual audits with data controllers to assess their processing of personal information. Read details of these audits here.
Unless you're exempt, the Data Protection Act requires all data controllers who process personal information to notify with the ICO.
The ICO has legal powers, including the power to issue information and enforcement notices, conduct audits and prosecute offenders.
In addition to its UK responsibilities, the ICO has an international role including cooperation with similar organisations in the rest of Europe and with the European Commission.
Read the full text of the Data Protection Act 1998.
Read our data protection strategy here.
.