Information since 17 Apr 2025, 5:17 p.m.
| Calendar |
|---|
|
Wednesday 17th September 2025 4:15 p.m. Home Office Lord Hanson of Flint (Labour - Life peer) Orders and regulations - Grand Committee Subject: Data Protection Act 2018 (Qualifying Competent Authorities) Regulations 2025 Data Protection Act 2018 (Qualifying Competent Authorities) Regulations 2025 View calendar - Add to calendar |
|
Tuesday 9th September 2025 9:25 a.m. Home Office Second Delegated Legislation Committee - Debate Subject: The draft Data Protection Act 2018 (Qualifying Competent Authorities) Regulations 2025 Data Protection Act 2018 (Qualifying Competent Authorities) Regulations 2025 View calendar - Add to calendar |
| Parliamentary Debates |
|---|
|
Children’s Wellbeing and Schools Bill
59 speeches (17,670 words) Tuesday 2nd September 2025 - Lords Chamber Department for Education Mentions: 1: Baroness Smith of Malvern (Lab - Life peer) processing of personal information as required or enabled by the Bill does not contravene the Data Protection Act - Link to Speech |
| Select Committee Documents |
|---|
|
Monday 1st September 2025
Written Evidence - Jon-Paul Entwistle AAC0182 - Autism Act 2009 Autism Act 2009 - Autism Act 2009 Committee Found: .- The Data Protection Act 2018 (and GDPR) – through failure to provide full records or mishandling |
|
Thursday 24th July 2025
Report - 6th Report - Forced Labour in UK Supply Chains Human Rights (Joint Committee) Found: For example, companies can be fined 4% of annual turnover for certain breaches of the Data Protection Act |
| Written Answers |
|---|
|
Google
Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer) Friday 1st August 2025 Question to the Department for Science, Innovation & Technology: To ask His Majesty's Government what assessment they have made of Google's "Data Boundary" solution; and what steps they are taking to protect the privacy of their data held on Google Cloud. Answered by Baroness Jones of Whitchurch - Baroness in Waiting (HM Household) (Whip) His Majesty’s Government has not made a formal assessment of Google's "Data Boundary" solution. However, it remains committed to ensuring that public sector data is managed securely and in line with UK law and regulations, including the Data Protection Act 2018 and UK GDPR. The responsibility of managing a department’s digital and IT infrastructure ultimately falls within each Department’s own purview. However, departments are mandated to follow the GDS Cloud First policy and multi-region guidance, using cloud services that provide flexibility, resilience, and robust data governance. Additionally, the NCSC’s Cyber Assessment Framework and the Government Functional Standard for security set out the principles and baseline controls for managing security risks, particularly for critical systems and sensitive data. |
|
Personation
Asked by: Lisa Smart (Liberal Democrat - Hazel Grove) Wednesday 23rd July 2025 Question to the Home Office: To ask the Secretary of State for the Home Department, if her Department has considered making identity theft a police recordable crime. Answered by Diana Johnson - Minister of State (Home Office) At present, identity theft is not a standalone criminal offence, but criminal acts which exploit stolen identities are already covered under existing legislation such as the Fraud Act 2006, Computer Misuse Act 1990, and Data Protection Act 2018. However, we recognise the evolving nature and increasing prevalence of identity-related crime and are taking additional proactive steps to address it. That is why the Independent Review of Fraud Offences will also consider whether a specific offence for identity theft is needed. Alongside this, we will also consider whether to include further initiatives to prevent the misuse of stolen identities and strengthen protections for the public as part of the Government’s upcoming Fraud Strategy. |
| Secondary Legislation |
|---|
|
National Health Service (Pharmaceutical and Local Pharmaceutical Services) (Miscellaneous Amendments) Regulations 2025 These Regulations amend the National Health Service (Pharmaceutical and Local Pharmaceutical Services) Regulations 2013 (S.I. 2013/349, as amended – “the PLPS Regulations”). The PLPS Regulations govern the arrangements in England, under Part 7 of the National Health Service Act 2006 (“the 2006 Act”), for the provision of pharmaceutical and local pharmaceutical services. Department of Health and Social Care Parliamentary Status - Text of Legislation - Made negative Laid: Wednesday 3rd September - In Force: 1 Oct 2025 Found: Schedule 1 (special categories of personal data etc – health or social care purpose) to, the Data Protection Act |
|
Global Irregular Migration and Trafficking in Persons Sanctions Regulations 2025 These Regulations are made under the Sanctions and Anti-Money Laundering Act 2018 (c. 13) to establish a sanctions regime for the purpose of preventing and combating people smuggling, trafficking in persons and the instrumentalisation of migration for the purpose of destabilising a country. Foreign, Commonwealth & Development Office Parliamentary Status - Text of Legislation - Made affirmative Laid: Tuesday 22nd July - In Force: 23 Jul 2025 Found: licence. (6) In this regulation— “the data protection legislation” has the same meaning as in the Data Protection Act |
|
Criminal Procedure Rules 2025 The Criminal Procedure Rules 2025: Ministry of Justice Parliamentary Status - Text of Legislation - Made negative Laid: Tuesday 22nd July - In Force: 6 Oct 2025 Found: information about material, other than evidence, disclosed by the prosecutor; (e)Part 3 of the Data Protection Act |
|
Financial Services and Markets Act 2023 (Mutual Recognition Agreement) (Switzerland) Regulations 2025 These Regulations implement provisions in the Agreement between the United Kingdom of Great Britain and Northern Ireland and the Swiss Confederation on Mutual Recognition in Financial Services done at Berne on 21st December 2023(52) (“the Agreement”). HM Treasury Parliamentary Status - Text of Legislation - Draft affirmative Laid: Monday 21st July - In Force: Not stated Found: . 2019/1043. (45)Section 391A of FSMA 2000 was amended by paragraph 50 of Schedule 2 to the Data Protection Act |
| Parliamentary Research |
|---|
|
Data centres: planning policy, sustainability, and resilience - CBP-10315
Aug. 27 2025 Found: and retention of personal data by organisations including data centres must comply with the Data Protection Act |
| Bill Documents |
|---|
|
Sep. 04 2025
Public Bill Committee Amendments as at 4 September 2025 Pension Schemes Bill 2024-26 Amendment Paper Found: is no longer needed because of the general data protection override in section 183A of the Data Protection Act |
|
Sep. 04 2025
Notices of Amendments as at 4 September 2025 - large print Bus Services (No. 2) Bill [HL] 2024-26 Amendment Paper Found: is no longer needed because of the general data protection override in section 183A of the Data Protection Act |
|
Sep. 04 2025
Notices of Amendments as at 4 September 2025 Bus Services (No. 2) Bill [HL] 2024-26 Amendment Paper Found: is no longer needed because of the general data protection override in section 183A of the Data Protection Act |
|
Sep. 03 2025
Notices of Amendments as at 3 September 2025 Pension Schemes Bill 2024-26 Amendment Paper Found: is no longer needed because of the general data protection override in section 183A of the Data Protection Act |
|
Sep. 03 2025
Notices of Amendments as at 3 September 2025 - large print Bus Services (No. 2) Bill [HL] 2024-26 Amendment Paper Found: is no longer needed because of the general data protection override in section 183A of the Data Protection Act |
|
Sep. 03 2025
Notices of Amendments as at 3 September 2025 Bus Services (No. 2) Bill [HL] 2024-26 Amendment Paper Found: is no longer needed because of the general data protection override in section 183A of the Data Protection Act |
|
Sep. 02 2025
Public Bill Committee Amendments as at 2 September 2025 Pension Schemes Bill 2024-26 Amendment Paper Found: is no longer needed because of the general data protection override in section 183A of the Data Protection Act |
|
Sep. 02 2025
Notices of Amendments as at 2 September 2025 - large print Bus Services (No. 2) Bill [HL] 2024-26 Amendment Paper Found: is no longer needed because of the general data protection override in section 183A of the Data Protection Act |
|
Sep. 02 2025
Notices of Amendments as at 2 September 2025 Bus Services (No. 2) Bill [HL] 2024-26 Amendment Paper Found: is no longer needed because of the general data protection override in section 183A of the Data Protection Act |
|
Sep. 01 2025
Notices of Amendments as at 1 September 2025 Pension Schemes Bill 2024-26 Amendment Paper Found: is no longer needed because of the general data protection override in section 183A of the Data Protection Act |
|
Sep. 01 2025
HL Bill 101-IV Fourth marshalled list for Committee Border Security, Asylum and Immigration Bill 2024-26 Amendment Paper Found: following new Clause— “Exemption from UK GDPR: illegal migration and foreign criminals (1) The Data Protection Act |
|
Jul. 24 2025
11th Report from the Select Committee on the Constitution Crime and Policing Bill 2024-26 Select Committee report Found: other legislation regulating access to personal data is arguably more narrowly framed; the Data Protection Act |
|
Jul. 23 2025
HL Bill 129 (as amended on Report) Employment Rights Bill 2024-26 Bill Found: (4) In subsection (3)(a) “the data protection legislation” has the same meaning as in the Data Protection Act |
| Department Publications - Guidance |
|---|
|
Sunday 31st August 2025
Department for Education Source Page: Non-school alternative provision: voluntary national standards Document: (PDF) Found: It is important that proprietors are aware that, among other obligations, the Data Protection Act 2018 |
|
Friday 29th August 2025
Ministry of Housing, Communities and Local Government Source Page: Planning Skills Delivery Fund: privacy notice Document: Planning Skills Delivery Fund: privacy notice (webpage) Found: following is to explain your rights and give you the information you are be entitled to under the Data Protection Act |
|
Monday 25th August 2025
Foreign, Commonwealth & Development Office Source Page: Mental health support for British nationals in Oman Document: Mental health support for British nationals in Oman (webpage) Found: Office holds and uses data for purposes notified to the Information Commissioner under the Data Protection Act |
|
Tuesday 19th August 2025
Department for Digital, Culture, Media & Sport Source Page: Community and Engagement Survey: Information for Participants Document: Community and Engagement Survey: Information for Participants (webpage) Found: All information will be processed in compliance with the Data Protection Act 2018 and General Data Protection |
|
Tuesday 19th August 2025
Department for Digital, Culture, Media & Sport Source Page: Community and Engagement Survey Privacy Notice Document: Community and Engagement Survey Privacy Notice (webpage) Found: Verian adheres to the following industry requirements: The UK GDPR, UK Data Protection Act 2018, the |
|
Thursday 31st July 2025
Department for Energy Security & Net Zero Source Page: CCUS East Coast Cluster Network Optimisation: projects market survey Document: (webpage) Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Friday 25th July 2025
Home Office Source Page: Foreign Influence Registration Scheme: information notices Document: (PDF) Found: such as financial statements, then this information will be handled in accordance with the Data Protection Act |
|
Thursday 24th July 2025
Home Office Source Page: Afghan schemes: funding instructions 2025 to 2026 and interim data sharing protocol Document: (PDF) Found: “Data Protection Legislation” means (i) the UK GDPR, (ii) the Data Protection Act 2018 (‘DPA 2018’) |
| Department Publications - Consultations |
|---|
|
Friday 29th August 2025
Department for Energy Security & Net Zero Source Page: Extending the ECO4 end date Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Friday 29th August 2025
Department for Energy Security & Net Zero Source Page: Nuclear Safeguards (EU Exit) Regulations 2019 and the Nuclear Safeguards (Fees) Regulations 2021: proposed changes Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Saturday 23rd August 2025
Department for Energy Security & Net Zero Source Page: Contracts for Difference: reforms to the Clean Industry Bonus, Allocation Round 8 Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Friday 8th August 2025
Department for Energy Security & Net Zero Source Page: Smart metering policy framework post 2025 Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Thursday 7th August 2025
Department for Business and Trade Source Page: Consumer Scotland super-complaint application Document: (PDF) Found: These include the Data Protection Act 2018 and relevant employment legislation. |
|
Thursday 7th August 2025
Department for Business and Trade Source Page: Consumer Scotland super-complaint application Document: (PDF) Found: These include the Data Protection Act 2018 and relevant employment legislation. |
|
Wednesday 6th August 2025
Ministry of Justice Source Page: Proposal on the future of Stirling SSCS Tribunal Hearing Centre Document: (PDF) Found: to information regimes (these are primarily the Freedom of Information Act 2000 (FOIA), the Data Protection Act |
|
Monday 4th August 2025
Department for Energy Security & Net Zero Source Page: Smart Secure Electricity Systems Programme (SSES): enduring governance Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Wednesday 30th July 2025
Department for Business and Trade Source Page: Late payments: tackling poor payment practices Document: (PDF) Found: maximum fine amount at 2% of annual turnover, in line with comparable regulations – namely The Data Protection Act |
|
Wednesday 23rd July 2025
Department for Energy Security & Net Zero Source Page: Hydrogen blending into the GB gas transmission network Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Wednesday 23rd July 2025
Department for Energy Security & Net Zero Source Page: Consumer-led flexibility: consumer engagement Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Tuesday 22nd July 2025
Cabinet Office Source Page: Consultation on the NSI Act Notifiable Acquisition Regulations Document: (PDF) Found: the Freedom of Information Act 2000, the Environmental Information Regulations 2004, and the Data Protection Act |
| Department Publications - Statistics |
|---|
|
Thursday 28th August 2025
Department for Digital, Culture, Media & Sport Source Page: Evaluation of the Youth Investment Fund Phase 2: interim report Document: (PDF) Found: data, including the European General Data Protection Regulation (EU) 2016/679 (GDPR), the UK Data Protection Act |
|
Thursday 31st July 2025
Ministry of Justice Source Page: Proven reoffending statistics: July and September 2023 Document: (PDF) Found: (Trustworthiness pillar, T6 Data governance) To comply with this and with the Data Protection Act of |
|
Thursday 31st July 2025
Ministry of Justice Source Page: HMPPS Annual Digest, April 2024 to March 2025 Document: (PDF) Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act 2018 and |
|
Thursday 31st July 2025
Ministry of Justice Source Page: HMPPS Annual Digest, April 2024 to March 2025 Document: (PDF) Found: aggregate totals, preventing identification of individuals and infringement of the GDPR and Data Protection Act |
|
Friday 25th July 2025
Department for Work and Pensions Source Page: Sector-based Work Academy Programmes (SWAPs) Management Information, April 2021 to June 2025 Document: (ODS) Found: Figures fewer than 5 are supressed due to rounding to avoid disclosure required by the Data Protection Act |
| Department Publications - Policy and Engagement |
|---|
|
Wednesday 6th August 2025
Department for Energy Security & Net Zero Source Page: CCUS future network strategy Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Wednesday 6th August 2025
Department for Energy Security & Net Zero Source Page: Evolution of economic regulation for CO2 storage Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
|
Wednesday 23rd July 2025
Department for Energy Security & Net Zero Source Page: Improving the visibility of distributed energy assets Document: (PDF) Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act |
| Department Publications - Transparency |
|---|
|
Monday 4th August 2025
Department for Digital, Culture, Media & Sport Source Page: The National Lottery Community Fund annual report and accounts 2024 to 2025 Document: (PDF) Found: The UK GDPR, alongside the amended Data Protection Act 2018 and the Privacy and Electronic Communications |
|
Tuesday 29th July 2025
Department for Digital, Culture, Media & Sport Source Page: Gambling Commission annual report and accounts 2024 to 2025 Document: (PDF) Found: procedures in place to maintain compliance with General Data Protection Regulation (GDPR), the Data Protection Act |
|
Tuesday 22nd July 2025
Cabinet Office Source Page: Royal Mail Statutory Pension Scheme 2024-2025 Document: (PDF) Found: In line with the GDPR and the Data Protection Act 2018, the Scheme has ensured that: • contracts with |
|
Tuesday 22nd July 2025
Cabinet Office Source Page: Royal Mail Statutory Pension Scheme 2024-2025 Document: (PDF) Found: In line with the GDPR and the Data Protection Act 2018, the Scheme has ensured that: • contracts |
|
Monday 21st July 2025
HM Treasury Source Page: HM Treasury annual report and accounts 2024 to 2025 Document: (PDF) Found: were considered under the terms of the UK General Data Protection Regulation (UK GDPR) and Data Protection Act |
| Department Publications - News and Communications |
|---|
|
Wednesday 23rd July 2025
HM Treasury Source Page: NS&I Chair to step down Document: Framework Document (PDF) Found: information is received by either party under the Freedom of Information Act 2000, or the Data Protection Act |
| Non-Departmental Publications - Statistics |
|---|
|
Sep. 04 2025
Law Commission Source Page: Fourteenth programme of law reform Document: (PDF) Statistics Found: framework regulating data protection currently comprises of the following main laws: (1) the Data Protection Act |
|
Sep. 04 2025
HM Revenue & Customs Source Page: Understanding the Lifetime ISA: Non-holder quantitative research Document: (webpage) Statistics Found: awarded this in August 2008.The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act |
|
Aug. 21 2025
HM Prison and Probation Service Source Page: HM Prison and Probation Service workforce quarterly: June 2025 Document: (ODS) Statistics Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 1998. |
|
Aug. 21 2025
HM Prison and Probation Service Source Page: HM Prison and Probation Service workforce quarterly: June 2025 Document: (Excel) Statistics Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 2018. |
|
Aug. 21 2025
HM Prison and Probation Service Source Page: HM Prison and Probation Service workforce quarterly: June 2025 Document: (ODS) Statistics Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 2018. |
|
Aug. 21 2025
HM Prison and Probation Service Source Page: HM Prison and Probation Service workforce quarterly: June 2025 Document: (ODS) Statistics Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 2018. |
|
Aug. 21 2025
Planning Inspectorate Source Page: Planning Inspectorate Ministerial Measures - Experimental Statistics 21 August 2025 Document: (PDF) Statistics Found: Responsible for Information training and they understand their responsibilities under the Data Protection Act |
|
Aug. 15 2025
Low Pay Commission Source Page: Low Pay Commission call for research Document: (webpage) Statistics Found: GDPR, and any applicable national implementing Laws as amended from time to time; (ii) the Data Protection Act |
|
Aug. 15 2025
Low Pay Commission Source Page: Low Pay Commission call for research Document: (webpage) Statistics Found: “DPA 2018” the Data Protection Act 2018. |
|
Aug. 01 2025
Regulatory Policy Committee Source Page: Late Payments - Tackling Poor Payment Practices: options assessment - RPC opinion (green-rated) Document: OA (PDF) Statistics Found: maximum fine amount at 2% of annual turnover, in line with comparable regulations – namely The Data Protection Act |
|
Aug. 01 2025
Environment Agency Source Page: The Environment Agency's regulation of waste pneumatic tyres and their export Document: (PDF) Statistics Found: Important: When creating an intelligence record you must adhere to both the Data Protection Act (2018 |
|
Jul. 31 2025
HM Prison and Probation Service Source Page: HMPPS Annual Digest, April 2024 to March 2025 Document: (PDF) Statistics Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act 2018 and |
|
Jul. 31 2025
HM Prison and Probation Service Source Page: HMPPS Annual Digest, April 2024 to March 2025 Document: (PDF) Statistics Found: aggregate totals, preventing identification of individuals and infringement of the GDPR and Data Protection Act |
|
Jul. 24 2025
Centre for Connected and Autonomous Vehicles Source Page: Automated vehicles and sanctions systems Document: (PDF) Statistics Found: The UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018 (DPA) Ipsos |
| Non-Departmental Publications - Open consultation |
|---|
|
Sep. 04 2025
Intellectual Property Office Source Page: Consultation on changes to the UK designs framework Document: (PDF) Open consultation Found: These are primarily the Freedom of Information Act 2000 (FOIA)5F 6 Data Protection Act 2018 (DPA)6F |
|
Sep. 04 2025
Intellectual Property Office Source Page: Consultation on changes to the UK designs framework Document: (PDF) Open consultation Found: These are primarily the Freedom of Information Act 2000 (FOIA)5F 6 Data Protection Act 2018 (DPA)6F |
|
Aug. 06 2025
Marine Accident Investigation Branch Source Page: Amendments to the MAIB regulations Document: (PDF) Open consultation Found: protection legislation, where “the data protection legislation” has the same meaning as in the Data Protection Act |
|
Aug. 06 2025
Marine Accident Investigation Branch Source Page: Amendments to the MAIB regulations Document: (PDF) Open consultation Found: The MAIB will process your personal data in accordance with the Data Protection Act and, in most circumstances |
| Non-Departmental Publications - Guidance and Regulation |
|---|
|
Sep. 03 2025
Office of Financial Sanctions Implementation Source Page: General Licence INT/2022/1710676 Revoked Document: (PDF) Guidance and Regulation Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act |
|
Sep. 02 2025
Defence and Security Accelerator Source Page: Competition: Defence Innovation Loans FY25/26 Cycle 4 Document: (PDF) Guidance and Regulation Found: We particularly draw to your attention the Bribery Act 2010, the Data Protection Act 2018, the Fraud |
|
Aug. 18 2025
Serious Fraud Office Source Page: Joint SFO-CPS Corporate Prosecution Guidance Document: Joint SFO-CPS Corporate Prosecution Guidance (webpage) Guidance and Regulation Found: proportionate, and made in accordance with applicable data protection legislation, including the Data Protection Act |
|
Aug. 08 2025
Planning Inspectorate Source Page: Nationally Significant Infrastructure Projects - Advice on working with public bodies in the infrastructure planning process: Annex A – Cyfoeth Naturiol Cymru / Natural Resources Wales Document: Nationally Significant Infrastructure Projects - Advice on working with public bodies in the infrastructure planning process: Annex A – Cyfoeth Naturiol Cymru / Natural Resources Wales (webpage) Guidance and Regulation Found: Wales is also subject to the provisions of the Environmental Information Regulations 2004, the Data Protection Act |
|
Jul. 30 2025
Government Operational Research Service Source Page: The AQuA Book Document: DESNZ Annual report (PDF) Guidance and Regulation Found: amounts paid are not disclosed as doing so would conflict with BEIS’ legal obligation under the data protection act |
|
Jul. 23 2025
Office of Financial Sanctions Implementation Source Page: OFSI General Licence INT/2022/1679676 Document: (PDF) Guidance and Regulation Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act |
|
Jul. 22 2025
Regulator of Social Housing Source Page: Memorandum of Understanding between the Regulator of Social Housing and The Health and Safety Executive (Building Safety Regulator) Document: (PDF) Guidance and Regulation Found: with arrangements under this MoU, each party will ensure that they fully comply with the Data Protection Act |
| Non-Departmental Publications - Transparency |
|---|
|
Aug. 28 2025
The Insolvency Service Source Page: Insolvency Service FOI responses: July to September 2025 Document: (PDF) Transparency Found: Data Protection Act 2018 and the General Data Protection Regulation (GDPR) 49. |
|
Aug. 06 2025
UK Hydrographic Office Source Page: UK Hydrographic Office 2024-2025 Annual Report released Document: (PDF) Transparency Found: Managing Public Money, The Hydrographic Office Trading Fund Order 1996, Public Records Act, Data Protection Act |
|
Aug. 04 2025
The National Lottery Community Fund Source Page: The National Lottery Community Fund annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: The UK GDPR, alongside the amended Data Protection Act 2018 and the Privacy and Electronic Communications |
|
Jul. 30 2025
Civil Nuclear Constabulary Source Page: The response to an FOI asking for the contracts register 2025 Document: (PDF) Transparency Found: disclosure of this information would breach the fair processing principle contained in the Data Protection Act |
|
Jul. 29 2025
Civil Nuclear Constabulary Source Page: CNPA Annual Report and Accounts 2024/25 Document: (PDF) Transparency Found: General Data Protection Regulation (GDPR) We comply with the Data Protection Act 2018 and with the |
|
Jul. 29 2025
National Citizen Service Source Page: National Citizen Service Trust annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: personal data on NCS participants, including ‘special category data’, in compliance with the Data Protection Act |
|
Jul. 29 2025
Science Museum Group Source Page: Science Museum Group Annual Report and Accounts 2024 to 2025 Document: (PDF) Transparency Found: protection We responded to 1,150 requests from individuals exercising their rights under the Data Protection Act |
|
Jul. 23 2025
Crown Prosecution Service Source Page: Crown Prosecution Service annual report and accounts 2024 - 2025 Document: (PDF) Transparency Found: teams ensure that data is effectively managed in line with the principles of UKGDPR, the Data Protection Act |
|
Jul. 22 2025
Committee on Standards in Public Life Source Page: Response to FOI request about staff training in AI Document: (PDF) Transparency Found: the UK General Data Protection Regulation and section 34(1) of the Data Protection Act |
|
Jul. 22 2025
Forensic Science Regulator Source Page: Forensic Science Regulator annual report for 2023 to 2024 Document: (PDF) Transparency Found: (9) In subsection (8)(a) “the data protection legislation” has the same meaning as in the Data Protection Act |
|
Jul. 22 2025
Maritime and Coastguard Agency Source Page: Maritime and Coastguard Agency framework agreement Document: (PDF) Transparency Found: under the Freedom of Information Act 2000, the environmental information regulations, or the Data Protection Act |
|
Jul. 22 2025
NHS Business Services Authority Source Page: NHSBSA annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: is subject to the requirements of the General Data Protection Regulation (GDPR) and the Data Protection Act |
|
Jul. 22 2025
NHS Business Services Authority Source Page: NHSBSA annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: is subject to the requirements of the General Data Protection Regulation (GDPR) and the Data Protection Act |
|
Jul. 22 2025
Nuclear Decommissioning Authority Source Page: Nuclear Decommissioning Authority: Annual Report and Accounts 2024 to 2025 Document: (PDF) Transparency Found: responded to all Subject Access Requests within the allotted timeframes allowed under the Data Protection Act |
|
Jul. 21 2025
Driver and Vehicle Licensing Agency Source Page: DVLA annual report and accounts 2024 to 2025 Document: (PDF) Transparency Found: number of payments, no further information is disclosed, as in doing so would conflict with the Data Protection Act |
|
Jul. 21 2025
Trade Remedies Authority Source Page: TRA Annual Report and Accounts 2024-25 Document: (PDF) Transparency Found: data protection legislation: the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act |
|
Jul. 21 2025
Trade Remedies Authority Source Page: TRA Annual Report and Accounts 2024-25 Document: (PDF) Transparency Found: data protection legislation: the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act |
| Non-Departmental Publications - Policy and Engagement |
|---|
|
Aug. 12 2025
Medicines and Healthcare products Regulatory Agency Source Page: Health Institution Exemption – Stakeholder survey Document: (PDF) Policy and Engagement Found: Your rights under the UK General Data Protection Regulation and the UK Data Protection Act 2018 apply |
|
Jul. 21 2025
HM Revenue & Customs Source Page: Modernising and mandating tax adviser registration with HMRC Document: (PDF) Policy and Engagement Found: (6) In this section— “the data protection legislation” has the same meaning as in the Data Protection Act |
|
Jul. 21 2025
HM Revenue & Customs Source Page: Enhancing HMRC’s powers: tackling tax adviser facilitated non-compliance Document: (PDF) Policy and Engagement Found: (meaning of “control”); “the data protection legislation” has the same meaning as in the Data Protection Act |
|
Jul. 21 2025
HM Revenue & Customs Source Page: Proposals to close in on promoters of marketed tax avoidance Document: (PDF) Policy and Engagement Found: the purpose of this Chapter; “data protection legislation” has the same meaning as in the Data Protection Act |
|
Jul. 21 2025
Medicines and Healthcare products Regulatory Agency Source Page: Medicines and Medical Devices Act 2021 – Stakeholder survey Document: (PDF) Policy and Engagement Found: Data Privacy This Review complies with data protection legislation including the Data Protection Act |
| Non-Departmental Publications - News and Communications |
|---|
|
Aug. 06 2025
UK Hydrographic Office Source Page: UK Hydrographic Office 2024–2025 Annual Report released Document: UK Hydrographic Office Annual Report and Accounts for 2024 to 2025 (PDF) News and Communications Found: Managing Public Money, The Hydrographic Office Trading Fund Order 1996, Public Records Act, Data Protection Act |
|
Jul. 23 2025
NS&I Source Page: NS&I Chair to step down Document: Framework Document (PDF) News and Communications Found: information is received by either party under the Freedom of Information Act 2000, or the Data Protection Act |
| Arms Length Bodies Publications |
|---|
|
Aug. 21 2025
NHS England Source Page: Standard alternative provider medical services contract Document: Standard alternative provider medical services contract (PDF) NHS Standard Contract Found: Patient vaccination status. 3A.3.2.3 “processing” has the meaning given by section 3(4) of the Data Protection Act |
|
Aug. 21 2025
NHS England Source Page: Standard general medical services (GMS) contract Document: Standard general medical services (GMS) contract (PDF) NHS Standard Contract Found: 11A.2.2 In clause 11A.2: “processing” has the meaning given by section 3(4) of the Data Protection Act |
|
Aug. 21 2025
NHS England Source Page: Standard personal medical services (PMS) agreement Document: Standard personal medical services (PMS) agreement (PDF) NHS Standard Contract Found: section 129 (regulations as to pharmaceutical services) of the 2006 Act; “DPA 2018” means the Data Protection Act |
|
Aug. 18 2025
NHS England Source Page: NHS Federated Data Platform data protection impact assessment – National Data Integration Tenant minimum viable product Document: NHS Federated Data Platform data protection impact assessment – National Data Integration Tenant minimum viable product (webpage) Regulatory Found: Under section 10(3) of the Data Protection Act 2018 (DPA), this requires a condition in Part 2 of Schedule |
|
Jul. 23 2025
NHS England Source Page: NHS FDP product data protection impact assessment – Cancer 360 Document: NHS FDP product data protection impact assessment – Cancer 360 (PDF) Data and statistics Found: Legal basis under UK GDPR & Data Protection Act 2018 (DPA 2018): Article 6 – Personal Data To be completed |
|
Jul. 23 2025
NHS England Source Page: NHS FDP product data protection impact assessment – Timely Care Hub Document: NHS FDP product data protection impact assessment – Timely Care Hub (PDF) Data and statistics Found: Legal basis under UK GDPR & Data Protection Act 2018 (DPA 2018): Article 6 – Personal Data To be completed |
|
Jul. 23 2025
NHS England Source Page: NHS FDP product data protection impact assessment – London Ambulance Service, My Clinical Feedback (LAS MCF) Document: NHS FDP product data protection impact assessment – London Ambulance Service (LAS) My Clinical Feedback (PDF) Regulatory Found: NHS Act 2006 LAS Dataset NHS Act 2006 NHS Act 2006 NHS Act 2006 Legal basis under UK GDPR & Data Protection Act |
|
Jul. 23 2025
NHS England Source Page: NHS FDP product data protection impact assessment – Transport cancellation Document: NHS FDP product data protection impact assessment – Transport cancellation (PDF) Data and statistics Found: Legal basis under UK GDPR & Data Protection Act 2018 (DPA 2018): Article 6 – Personal Data To be completed |
|
Jul. 23 2025
NHS England Source Page: NHS FDP product data protection impact assessment – Covid validated vaccination events Document: NHS FDP product data protection impact assessment – Covid validated vaccination events (VVEs) (PDF) Guidance Found: Social Care Act 2012 s.261(5)(d) and s.13Z3 (e) and (f) Legal basis under UK GDPR & Data Protection Act |
|
Jul. 23 2025
NHS England Source Page: NHS FDP product data protection impact assessment – flu vaccination events Document: NHS FDP product data protection impact assessment – flu vaccination events (PDF) Guidance Found: and Social Care Act 2012 s.261(5)(d) and s.13Z3 (e) and (f) Legal basis under UK GDPR & Data Protection Act |
|
Jul. 23 2025
NHS England Source Page: NHS FDP product data protection impact assessment – National vaccination programme reporting Document: NHS FDP product data protection impact assessment – National vaccination programme reporting (PDF) Guidance Found: Legal basis under UK GDPR & Data Protection Act 2018 (DPA 2018): Article 6 – Personal Data - Article |
|
Jul. 23 2025
NHS England Source Page: NHS FDP product data protection impact assessment – Ambulance data services dashboard Document: NHS FDP product data protection impact assessment – Ambulance data services dashboard (ADS) (PDF) Data and statistics Found: and Social Care Act 2012 s261(5)(d) and s13Z3 (e) and (f) Legal basis under UK GDPR & Data Protection Act |
| Draft Secondary Legislation |
|---|
|
The Financial Services and Markets Act 2023 (Mutual Recognition Agreement) (Switzerland) Regulations 2025 These Regulations implement provisions in the Agreement between the United Kingdom of Great Britain and Northern Ireland and the Swiss Confederation on Mutual Recognition in Financial Services done at Berne on 21st December 2023(52) (“the Agreement”). HM Treasury Found: . 2019/1043. (45)Section 391A of FSMA 2000 was amended by paragraph 50 of Schedule 2 to the Data Protection Act |
| Welsh Committee Publications |
|---|
|
Wednesday 25th June 2025
PDF - Letter from the Leader of Cardiff Council to the Chair in relation to the Bus Services (Wales) Bill - 25 June 2025 Inquiry: Report on the Bus Services (Wales) Bill Found: SWYDDFA’R ARWEINYDD LEADER'S OFFICE Your information is processed under the Data Protection Act 2018 |
|
PDF - 01 May 2025 Inquiry: The Welsh Government’s Legislative Consent Memorandum on the Data (Use and Access) Bill Found: provided by UK legislation set out in the General Data Protection Regulation (GDPR) and the Data Protection Act |
|
PDF - Explanatory Memorandum Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: or use of information that would contravene data protection legislation, as defined by the Data Protection Act |
|
PDF - Homelessness and Social Housing Allocation (Wales) Bill, as introduced Inquiry: Homelessness and Social Housing Allocation (Wales) Bill Found: information which would contravene data protection legislation (within the meaning of the Data Protection Act |
|
PDF - EM - The Legislative Reform (Disclosure of Adult Social Care Data) Order 2025 Inquiry: Report on the Statutory Instrument Consent Memorandum for the Legislative Reform (Disclosure of Adult Social Care Data) Order 2025 Found: Data Protection Act 2018). |
|
PDF - Building Safety (Wales) Bill, as introduced Inquiry: Building Safety (Wales) Bill Found: (9) In this section— “the data protection legislation” has the same meaning as in the Data Protection Act |
|
PDF - Explanatory Memorandum. Inquiry: Building Safety (Wales) Bill Found: Subsection (9) provides that “the data protection legislation” has the same meaning as in the Data Protection Act |
|
PDF - Letter from the Leader of Cardiff Council to the Chair in relation to the Bus Services (Wales) Bill – 25 June 2025 Inquiry: Report on the Bus Services (Wales) Bill Found: SWYDDFA’R ARWEINYDD LEADER'S OFFICE Your information is processed under the Data Protection Act 2018 |
|
PDF - Supplementary LCM Inquiry: Legislative Consent: Children’s Wellbeing and Schools Bill Found: Education Act 2002 • The Academies Act 2010 • School Standards and Framework Act 1998 • Data Protection Act |
|
PDF - Explanatory Memorandum Inquiry: Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: Information Commissioner's Office (ICO) is the independent regulatory office dealing with the Data Protection Act |
|
PDF - Bill Inquiry: Environment (Principles, Governance and Biodiversity Targets) (Wales) Bill Found: 25 (4) In this section, “the data protection legislation” has the same meaning as in the Data Protection Act |
|
PDF - Supplementary LCM Inquiry: Legislative Consent: Children’s Wellbeing and Schools Bill Found: The Education Act 2002 The Academies Act 2010 School Standards and Framework Act 1998 Data Protection Act |
| Welsh Government Publications |
|---|
|
Friday 4th July 2025
Source Page: Distribution Sub Group meeting: 4 July 2025 Document: Paper 09 (PDF) Found: Data was supplied via postcodes and handled in accordance with the 1998 Data Protection Act with special |
|
Thursday 19th June 2025
Source Page: Patterns of attainment in reading and numeracy: September 2018 to August 2024 Document: Patterns of attainment in reading and numeracy: September 2018 to August 2024 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act |
|
Tuesday 17th June 2025
Source Page: Homelessness and Social Housing Allocation (Wales) Bill: impact assessments Document: Data protection impact assessment (webpage) Found: Section 8 of the Data Protection Act 2018 (“the 2018 Act”) supplements Article 6(1) of the UK GDPR by |
|
Monday 16th June 2025
Source Page: FOI release 24727: Wales and West Housing Association Document: Doc 1 (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act |
|
Monday 16th June 2025
Source Page: FOI release 24727: Wales and West Housing Association Document: Doc 2 (PDF) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act |
|
Monday 16th June 2025
Source Page: FOI release 24727: Wales and West Housing Association Document: Wales and West Housing Association (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’) |
|
Wednesday 11th June 2025
Source Page: FOI release 24708: Staff policies Document: Doc 1 (PDF) Found: Act 2010 4.2 Gender Recognition Act 2004 4.3 UK General Data Protection Regulation and Data Protection Act |
|
Wednesday 11th June 2025
Source Page: FOI release 24699: Indian Office Document: Indian Office (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’) |
|
Monday 9th June 2025
Source Page: FOI release 24700: Planning Applications Document: Planning Applications (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’) |
|
Friday 6th June 2025
Source Page: FOI release 24466: Planning inspectors Document: Internal Review (PDF) Found: data protection principles, or (b) would do so if the exemptions in section 24(1) of the Data Protection Act |
|
Friday 6th June 2025
Source Page: FOI release 24466: Planning inspectors Document: Planning inspectors (PDF) Found: dictated by data protection regulations; General Data Protection Regulations UK (UK GDPR) and Data Protection Act |
|
Wednesday 4th June 2025
Source Page: FOI release 24689: Brexit Document: Brexit (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’) |
|
Tuesday 3rd June 2025
Source Page: FOI release 24688: Newtown Bypass Document: Newtown Bypass (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’) |
|
Tuesday 3rd June 2025
Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 23 May 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 23 May 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act |
|
Tuesday 20th May 2025
Source Page: FOI release 24539: Free School Meals Document: Free School Meals (PDF) Found: Education Act 1996 and that their processing of personal data is in line with UK GDPR and the Data Protection Act |
|
Monday 19th May 2025
Source Page: Small Grants – Environment (water): general rules booklet 2025 Document: Small Grants – Environment (water): general rules booklet 2025 (webpage) Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act |
|
Monday 19th May 2025
Source Page: FOI release 23214: River Basin Management Plans Document: River Basin Management Plans (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’) |
|
Monday 19th May 2025
Source Page: Rights, respect, equality anti-bullying guidance Document: Rights, respect, equality: statutory guidance for schools and settings (draft) (PDF) Found: protection legislation, such as the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act |
|
Monday 19th May 2025
Source Page: Development management manual Document: Development management manual (without annexes) (PDF) Found: However, under the Data Protection Act 1998, the addresses and other contact information of private |
|
Thursday 15th May 2025
Source Page: Commons Act 2006: apply under section 38 Document: Commons Act 2006: apply under section 38 (PDF) Found: Organisation (if applicable) Date You must keep a copy of your completed form Data Protection Act |
|
Wednesday 14th May 2025
Source Page: Welsh Government’s standard conditions for the supply of services Document: Standard conditions for the supply of services (PDF) Found: this Contract in respect of which such Party is liable to the other; DPA 2018 means the Data Protection Act |
|
Monday 12th May 2025
Source Page: Partnership arrangements for care and support: guidance Document: Part 9 statutory guidance: partnership arrangements (PDF) Found: other duties, including its duties under the General Data Protection Regulations 2018, the Data Protection Act |
|
Thursday 8th May 2025
Source Page: Assets Collaboration Programme Wales Phase 3 (ACPW3): grant offer letter Document: Grant offer letter (webpage) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act |
|
Wednesday 7th May 2025
Source Page: Access Broadband Cymru: sample standard grant letter Document: Access Broadband Cymru: sample standard grant letter (webpage) Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act |
|
Tuesday 6th May 2025
Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 25 April 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 25 April 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act |
|
Monday 28th April 2025
Source Page: Iaith Athrawon Yfory Incentive Scheme: guidance for ITE partnerships from 2023 and 2024 Document: Iaith Athrawon Yfory Incentive Scheme: guidance for ITE partnerships from 2023 and 2024 (webpage) Found: Information Regulations 2004 (the “EIR”) the General Data Protection Regulation (GDPR) and Data Protection Act |
|
Monday 28th April 2025
Source Page: National multi-agency practice framework for children’s services Document: National multi-agency practice framework for children’s services (webpage) Found: their legal obligations, namely the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act |
|
Thursday 24th April 2025
Source Page: FOI release 24584: Ceredigion Local Development Plan Document: Doc 1 (PDF) Found: Under the UK GDPR, Data Protection Act 2018 and the Freedom of Information Act 2000 the contents of |
|
Thursday 24th April 2025
Source Page: FOI release 24584: Ceredigion Local Development Plan Document: Ceredigion Local Development Plan (PDF) Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’) |
|
Tuesday 22nd April 2025
Source Page: Attendance of pupils in maintained schools: 2 September 2024 to 11 April 2025 Document: Attendance of pupils in maintained schools: 2 September 2024 to 11 April 2025 (webpage) Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act |
| Welsh Written Answers |
|---|
|
WQ96336
Asked by: Gareth Davies (Welsh Conservative Party - Vale of Clwyd) Friday 2nd May 2025 Question What Welsh Government guidance is provided to GP practices regarding charging patients for accessing their medical records? Answered by Cabinet Secretary for Health and Social Care The General Data Protection Regulations and the Data Protection Act 2018 were made by the UK government and apply to the four nations of the UK. GP practices cannot charge patients for reasonable access to their medical record. Guidance for GPs has been issued by the BMA to help practices in understanding their statutory obligations. bma-access-to-health-records-nov-19.pdf |