Responsibility for compliance with the data protection principles and other aspects of the Act lies with the ‘Data Controller’.

The Data Controller is defined in the Act as “a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are … processed”. ‘Person’ in this context very rarely means an individual (or ‘natural person’). Instead, in most cases the Data Controller will be an organisation, although individuals who are in business on their own account can also be Data Controllers. It is important to note that group-level responsibility for data protection compliance is not an option. Each legal ...

Get Data Protection and the Cloud: Are the risks too great? now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.