Data Protection

For further information about data protection please contact the Data Protection Administrator, telephone 01264 368000 or e-mail

What is data protection?

Data protection embraces a range of facets of good information management practice. It relates to the integrity that is applied to the management of information, in any format, about a person or persons. It relates to the need to provide a reasonable degree of confidentiality for information about people, and to respect their privacy. But it also embraces concepts such as ensuring the reliability of any information used, together with its fair and legitimate use by everyone.

Data protection applies to:

"Personal data" - information relating to an identified or identifiable living individual. Data about corporations is not personal data. An "identifiable individual" is someone who can be identified directly or indirectly by any means, such as an ID number, or some characteristic associated with that individual.

It applies whether the personal data is stored as digital or computerised information or as manual records - including those on paper, microfilm and video etc. Basically, anything processed by information technology of any kind.

Data protection legislation

Data protection legislation in the UK dates from 1984 with the enactment of the first Data Protection Act. The 1984 Act was the result of a long process of scrutiny and discussion on the influence that computers had, or were perceived to have, on personal privacy and lifestyles.

The new Data Protection Act 1998 implements the Directive from the European Union in the United Kingdom. It incorporates the requirements, specifications and options in the Directive. At the same time, it allows revisions and improvements to the earlier United Kingdom legislation to be made. The 1998 Act takes the concept of proper management of records containing personal information further than ever before, particularly with the inclusion of manual as well as automated data.