Here's a full index of our Data Protection Act 1998 guidance for organisations
Please note: The following information has not been updated since the Data Protection Act 2018 became law. Although there may be some subtle differences between the guidance on this page and guidance reflecting the new law – we still consider the information useful to those in the media.
Anonymisation
Audits
Big Data
Binding Corporate Rules
Credit and finance
Crime mapping
Data sharing
Deletion
Data Protection - general
Education
Employment
- Employment practices code
- Employment practices code – a quick guide
- Employment practices code – supplementary guidance
Encryption
Exemptions
Identity scanning
International transfer
- Assessing adequacy for international data transfers
- Binding Corporate Rules
- Data transfers to the US and the Privacy Shield
Marketing
The media
MPs and elected officials
- Disclosure of personal information by local authorities to councillors
- Constituency casework of Members of Parliament and the processing of sensitive personal data
- Guidance on political campaigning
Online and computing
- Bring your own device (BYOD) guidance
- Cloud computing
- IT asset disposal
- Personal information online code of practice
- Privacy in mobile apps: guidance for app developers
- Social networking and online forums – when does the DPA apply?
- Wi-Fi location analytics
Relevant filing system
RFID
Security
- A practical guide to IT security: ideal for the small business
- A practical guide to IT security: ideal for the small business (Welsh)
- Encryption
- Notification of privacy and electronic communications security breaches