CHAPTER 1: BACKGROUND – THE DATAPROTECTION PRINCIPLES

As most readers probably know, the Data Protection Act is based on eight legally-binding principles. Being principles rather than precise stipulations, these describe the outcome that must be achieved, not the means of doing so. Every organisation has a significant degree of flexibility in deciding how to comply.

The Act applies to the whole lifecycle of information, from its original collection to its final destruction. See the definition of ‘processing’ below.

It is usually necessary to be able to demonstrate, through policies and procedures, staff training and other measures, how an organisation ensures that all of its actions comply with the principles. A failure to comply with the principles ...

Get Data Protection and the Cloud: Are the risks too great? now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.