The Data Protection Act 1998 is the main legislation which relates to data protection and includes the powers of the Information Commissioner’s Office (ICO) and duties placed on organisations and their data controller.
The main aspects of the legislation cover the following points:
New draft regulations were issued in January 2012 and it is expected that the draft regulations will be finalised around the end of 2013. They are likely to come into force in 2016. These regulations are due to be implemented directly by every country in the EEA with the regulations being the same in each country. These new regulations are likely to be more onerous than the legislation currently in place. These regulations can be found here
Some of the main changes proposed by the new Data Protection Regulations are as follows:
The ICO website has various guides on data protection which can be accessed via the 'Related Links' section of this webpage.
ACCA has produced a technical factsheet which gives more detail on the current requirements which can be accessed under the 'Related Documents' section of this webpage.