NCC Members have free access to these Guidelines on the NCC Membership website.

When Data Protection legislation was first introduced in the UK in 1984, it was seen as affecting those responsible for IT only, as it related to electronic data only. The

Data Protection Act 1998 (DPA) changed that, with its extended application to manual records. That said, it remains of direct relevance to those responsible for the procurement, provision, support and maintenance of IT systems, and these guidelines aim to summarise the key requirements.

This Legal Guideline looks at the terminology used in the legislation and each of the Data Protection Principles.