The Data Protection Act 1998 (c. 29) (“the Act”) regulates, amongst other things, the processing of “sensitive personal data”, as defined in section 2. The first data protection principle, set out in paragraph 1 of Schedule 1 to the Act, prohibits the processing of “sensitive personal data” unless one of the conditions in Schedule 3 to the Act is met. The condition in paragraph 10 of that Schedule is that the personal data are processed in circumstances specified in an order made by the Secretary of State. This Order specifies certain circumstances for the purposes of that paragraph.
Go to Source

This entry was posted on Tuesday, July 31st, 2012 at 1:45 pm and is filed under UK Statutory Instruments. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.