All businesses that collect, store and use information on living and identifiable people must comply with the Data Protection Act. The articles, guides and links on this page provide further information on the regulations and some of the key issues for firms.
Legal Alert
The Legal Alert is a monthly checklist from BHP Information Solutions highlighting new and pending laws, regulations, codes of practice and rulings that could have an impact on your business.
Latest updates
Further articles
Online books, guides and publications
Briefings
Directors' Briefings and Start-Up Briefings are four-page guides written for the busy practitioner, director and entrepreneur providing concise, practical advice on core business issues.
Disclaimer: These publications from BHP Information Solutions Limited are for general guidance only, for businesses in the United Kingdom governed by the laws of England. BHP Information Solutions Limited, expert contributors and the Institute of Chartered Accountants in England and Wales (as distributor) disclaim all liability for any errors or omissions.
ICAEW guides and publications
The ICAEW has published a number of guides on data protection and the accounting profession.
Information on the latest developments in this area can be found on the data protection topics page on the ICAEW website.
Online articles
The library provides access to a range of articles in full text from leading business, finance and management journals.
You will need to be logged-in to the website to gain full access to the range of articles available online.
Useful links
Legislation and regulations
Commission proposes a comprehensive reform of the data protection rules
European Commission news release published on 25 January 2012. Includes links to factsheets on data protection reform, surveys and the proprosed legislative texts.
Data Protection Act 1998
Full text of the act that came into force on 1 March 2000. It applies to computerised personal data, and to personal data held in structured manual files.
Data Protection Directive 1995
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
Guidance
Information Commissioner's Office (ICO)
Guide to data protection – definitions, principles and practical examples
Detailed guidance for UK organisations, covering:
- key definitions of the Data Protection Act
- processing personal data fairly and lawfully
- processing personal data for specified purposes
- information standards
- the rights of individuals
- information security
- sending personal data outside the European Economic Area
- the conditions for processing
- exemptions.
Employment
Information for small businesses on the Employment Practices Code with links to the full Code and supplementary guidance.
Getting it right: small business checklist (PDF 72.89kb/2 pages)
Short checklist to help SMEs comply with the Data Protection Act.
The Durant Case and its impact on the interpretation of the Data Protection Act 1998
Summary of the 2003 Durant v Financial Services Authority case with relevant guidance relating to the right of access to personal data from the ICO. Published February 2006.
Data Protection and Small and Medium Enterprises (PDF 460kb/73 pages)
Report investigating the awareness of data protection and the Data Protection Act amongst small and medium sized businesses in the UK, prepared for the ICO by Enterprise Research and Development Unit (ERDU) of Lincoln Business School and published in September 2004.
European Commission
Protection of personal data
Comprehensive guide to data protection issues within the EU. Topics include:
- entities collecting data
- obligations of data controllers
- data transfers outside the EU
- handling complaints
- protecting personal data for individuals
- data protection bodies
- legislation
- factsheets
- glosssary of terms.
Other organisations
Data protection
Guidance for professionals and practitioners from the Ministry of Justice on the application of the Data Protection Act 1998.
Data Protection & Freedom of Information Standards
Overview from the British Standards Institution.
Data protection and legal issues
Guide from Business Link covering issues relevant to organisations, including:
- compliance with data protection legislation
- Privacy and data protection in direct marketing
- the Freedom of Information Act
- e-commerce and the law
- sample IT policies, disclaimers and notices.
Safe Harbor Privacy Principles
The International Trade Administration Electronic Commerce Task Force website, including a detailed listing of documents and letters that form the ‘safe harbor’ privacy arrangement between the US Department of Commerce and the European Commission.
US Department of Commerce Safe Harbor Portal
Comprehensive website supporting the Safe Harbor privacy framework in the US, including an overview, documentation, workbook, a certification form and a safe harbor search service (searchable by state or industry sector).
Articles and books in the Library collection
To find out how you can borrow books from the Library please see our guide to book loans.
You can obtain copies of articles or extracts of books and reports by post, fax or email through our document delivery service.
Can't find what you're looking for?
If you have any difficulty in finding the material you are looking for please contact the enquiry team by phone on +44 (0)20 7920 8620, by fax on +44 (0)20 7920 8621 or by email at library@icaew.com.
The ICAEW accepts no responsibility for the content on any site to which a hypertext link from this site exists. The links are provided 'as is' with no warranty, express or implied, for the information provided within them. Please see the full copyright and disclaimer notice.