Found: society services rely on this lawful ground to process personal data, the UK GDPR and the Data Protection Act

Found: claims against the core department, some of which involve possible financial liabilities. 5,050 Data Protection Act

Found: recovered or received for work done for other departments, freedom of information receipts, Data Protection Act

Found: recovered or received for work done for other departments, freedom of information receipts, Data Protection Act

Found: Additionally, the UK General Data Protection Regulation and the Data Protection Act 2018 require all

Found: Additionally, the UK General Data Protection Regulation and the Data Protection Act 2018 require all

Found: of small boats arrivals was unlawful and the Home Office conceded it was a breach of the Data Protection Act

Found: the Bill relies on existing oversight regimes (e.g. the Investigatory Powers Act 2016 and Data Protection Act

Found: Further, S37 of the Data Protection Act 2018 requires that personal data processed for law enforcement

Found: provided to eligible victims under the VCS or through the Helpline must be compliant with the Data Protection Act

Found: AI regulatory regime, we should leverage existing frameworks such as:AIFS0032  UK GDPR & Data Protection Act

Found: Schedule 2 of the UK Data Protection Act 2018 outlines exemptions which can in some cases be relied

Found: Services and Markets Act 2000, the Money Laundering Regulations 2017 (as amended), and UK GDPR/Data Protection Act

Found: market players is heavily restricted when it comes to social scoring (see the EU GDPR / UK Data Protection Act

Question to the Ministry of Justice:

To ask the Secretary of State for Justice, what plans her Department has to strengthen the protection of people with spent convictions, in the context of technological advancements in data sharing.

Answered by Nicholas Dakin - Government Whip, Lord Commissioner of HM Treasury

The Rehabilitation of Offenders Act 1974 (the ROA) sets out when an offender is considered to be ‘rehabilitated’ for the purposes of the Act and sets out the relevant rehabilitation periods for cautions and convictions, i.e. when a caution or conviction becomes ‘spent’. Where an offender is rehabilitated for the purposes of the ROA, the ROA provides that they are entitled to withhold the fact of, or information about their spent cautions or convictions. The Rehabilitation of Offenders Act 1974 (exceptions) order 1975 creates exceptions with the effect that in some circumstances, spent as well as unspent cautions and convictions must be disclosed and may be taken into account when assessing a person’s suitability for certain positions. This balances the protection of the public with allowing ex-offenders to move on with their lives. We are carefully assessing the evidence in this space before considering whether adjustments to the regime are necessary.

An individual can check if a conviction or caution is spent or unspent via the GOV.UK Disclosure Checker: Check if you need to tell someone about your criminal record: Check if your conviction or caution is spent - GOV.UK. We provide information, advice and guidance for employers, landlords and other entities on how they should implement the Rehabilitation of Offenders Act (ROA). This can be found on The GOV.UK guidance on the ROA. The guidance is clear that balanced judgements should be made and factors such as the person’s age at the time of the offence, the nature of the offence, how long ago the offence was committed, its relevance to the application or post in question, and what else is known about the persons conduct should be considered. We also provide good practice resources on hiring prison leavers via the New Futures Network. If an employer is unsure what check can be requested, they can contact the Disclosure and Barring Service.

As part of the Government's plan to Make Work Pay, the Employment Rights Bill is repealing the two-year qualifying period for unfair dismissal protection. By making this a ‘day one’ right, millions of employees will have protection against being arbitrarily fired by their employer. The Government is taking steps to support those with criminal convictions. Employees with spent convictions will be able claim unfair dismissal from day one (excluding those roles covered by the Exceptions Order). Reforms of unfair dismissal will take effect no sooner than autumn 2026.

Organisations in the UK that process personal data must comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). Oversight and enforcement of these data protection laws are carried out independently of the government by the Information Commissioner’s Office (ICO). Under these laws, individuals have several rights concerning their personal data, including the right to request its erasure - commonly referred to as the ‘right to be forgotten’. The ICO, as the UK’s independent data protection regulator, provides comprehensive guidance on its website.

Question to the Ministry of Justice:

To ask the Secretary of State for Justice, what guidance her Department provides to (a) employers, (b) landlords and (c) other entities to ensure they properly understand and respect the rights of people with spent convictions.

Answered by Nicholas Dakin - Government Whip, Lord Commissioner of HM Treasury

The Rehabilitation of Offenders Act 1974 (the ROA) sets out when an offender is considered to be ‘rehabilitated’ for the purposes of the Act and sets out the relevant rehabilitation periods for cautions and convictions, i.e. when a caution or conviction becomes ‘spent’. Where an offender is rehabilitated for the purposes of the ROA, the ROA provides that they are entitled to withhold the fact of, or information about their spent cautions or convictions. The Rehabilitation of Offenders Act 1974 (exceptions) order 1975 creates exceptions with the effect that in some circumstances, spent as well as unspent cautions and convictions must be disclosed and may be taken into account when assessing a person’s suitability for certain positions. This balances the protection of the public with allowing ex-offenders to move on with their lives. We are carefully assessing the evidence in this space before considering whether adjustments to the regime are necessary.

An individual can check if a conviction or caution is spent or unspent via the GOV.UK Disclosure Checker: Check if you need to tell someone about your criminal record: Check if your conviction or caution is spent - GOV.UK. We provide information, advice and guidance for employers, landlords and other entities on how they should implement the Rehabilitation of Offenders Act (ROA). This can be found on The GOV.UK guidance on the ROA. The guidance is clear that balanced judgements should be made and factors such as the person’s age at the time of the offence, the nature of the offence, how long ago the offence was committed, its relevance to the application or post in question, and what else is known about the persons conduct should be considered. We also provide good practice resources on hiring prison leavers via the New Futures Network. If an employer is unsure what check can be requested, they can contact the Disclosure and Barring Service.

As part of the Government's plan to Make Work Pay, the Employment Rights Bill is repealing the two-year qualifying period for unfair dismissal protection. By making this a ‘day one’ right, millions of employees will have protection against being arbitrarily fired by their employer. The Government is taking steps to support those with criminal convictions. Employees with spent convictions will be able claim unfair dismissal from day one (excluding those roles covered by the Exceptions Order). Reforms of unfair dismissal will take effect no sooner than autumn 2026.

Organisations in the UK that process personal data must comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). Oversight and enforcement of these data protection laws are carried out independently of the government by the Information Commissioner’s Office (ICO). Under these laws, individuals have several rights concerning their personal data, including the right to request its erasure - commonly referred to as the ‘right to be forgotten’. The ICO, as the UK’s independent data protection regulator, provides comprehensive guidance on its website.

Question to the Ministry of Justice:

To ask the Secretary of State for Justice, whether she has made an assessment of the effectiveness of the Rehabilitation of Offenders Act 1974.

Answered by Nicholas Dakin - Government Whip, Lord Commissioner of HM Treasury

The Rehabilitation of Offenders Act 1974 (the ROA) sets out when an offender is considered to be ‘rehabilitated’ for the purposes of the Act and sets out the relevant rehabilitation periods for cautions and convictions, i.e. when a caution or conviction becomes ‘spent’. Where an offender is rehabilitated for the purposes of the ROA, the ROA provides that they are entitled to withhold the fact of, or information about their spent cautions or convictions. The Rehabilitation of Offenders Act 1974 (exceptions) order 1975 creates exceptions with the effect that in some circumstances, spent as well as unspent cautions and convictions must be disclosed and may be taken into account when assessing a person’s suitability for certain positions. This balances the protection of the public with allowing ex-offenders to move on with their lives. We are carefully assessing the evidence in this space before considering whether adjustments to the regime are necessary.

An individual can check if a conviction or caution is spent or unspent via the GOV.UK Disclosure Checker: Check if you need to tell someone about your criminal record: Check if your conviction or caution is spent - GOV.UK. We provide information, advice and guidance for employers, landlords and other entities on how they should implement the Rehabilitation of Offenders Act (ROA). This can be found on The GOV.UK guidance on the ROA. The guidance is clear that balanced judgements should be made and factors such as the person’s age at the time of the offence, the nature of the offence, how long ago the offence was committed, its relevance to the application or post in question, and what else is known about the persons conduct should be considered. We also provide good practice resources on hiring prison leavers via the New Futures Network. If an employer is unsure what check can be requested, they can contact the Disclosure and Barring Service.

As part of the Government's plan to Make Work Pay, the Employment Rights Bill is repealing the two-year qualifying period for unfair dismissal protection. By making this a ‘day one’ right, millions of employees will have protection against being arbitrarily fired by their employer. The Government is taking steps to support those with criminal convictions. Employees with spent convictions will be able claim unfair dismissal from day one (excluding those roles covered by the Exceptions Order). Reforms of unfair dismissal will take effect no sooner than autumn 2026.

Organisations in the UK that process personal data must comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). Oversight and enforcement of these data protection laws are carried out independently of the government by the Information Commissioner’s Office (ICO). Under these laws, individuals have several rights concerning their personal data, including the right to request its erasure - commonly referred to as the ‘right to be forgotten’. The ICO, as the UK’s independent data protection regulator, provides comprehensive guidance on its website.

Question to the Ministry of Justice:

To ask the Secretary of State for Justice, what steps her Department is taking to ensure that organisations do not discriminate against people with spent convictions.

Answered by Nicholas Dakin - Government Whip, Lord Commissioner of HM Treasury

The Rehabilitation of Offenders Act 1974 (the ROA) sets out when an offender is considered to be ‘rehabilitated’ for the purposes of the Act and sets out the relevant rehabilitation periods for cautions and convictions, i.e. when a caution or conviction becomes ‘spent’. Where an offender is rehabilitated for the purposes of the ROA, the ROA provides that they are entitled to withhold the fact of, or information about their spent cautions or convictions. The Rehabilitation of Offenders Act 1974 (exceptions) order 1975 creates exceptions with the effect that in some circumstances, spent as well as unspent cautions and convictions must be disclosed and may be taken into account when assessing a person’s suitability for certain positions. This balances the protection of the public with allowing ex-offenders to move on with their lives. We are carefully assessing the evidence in this space before considering whether adjustments to the regime are necessary.

An individual can check if a conviction or caution is spent or unspent via the GOV.UK Disclosure Checker: Check if you need to tell someone about your criminal record: Check if your conviction or caution is spent - GOV.UK. We provide information, advice and guidance for employers, landlords and other entities on how they should implement the Rehabilitation of Offenders Act (ROA). This can be found on The GOV.UK guidance on the ROA. The guidance is clear that balanced judgements should be made and factors such as the person’s age at the time of the offence, the nature of the offence, how long ago the offence was committed, its relevance to the application or post in question, and what else is known about the persons conduct should be considered. We also provide good practice resources on hiring prison leavers via the New Futures Network. If an employer is unsure what check can be requested, they can contact the Disclosure and Barring Service.

As part of the Government's plan to Make Work Pay, the Employment Rights Bill is repealing the two-year qualifying period for unfair dismissal protection. By making this a ‘day one’ right, millions of employees will have protection against being arbitrarily fired by their employer. The Government is taking steps to support those with criminal convictions. Employees with spent convictions will be able claim unfair dismissal from day one (excluding those roles covered by the Exceptions Order). Reforms of unfair dismissal will take effect no sooner than autumn 2026.

Organisations in the UK that process personal data must comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). Oversight and enforcement of these data protection laws are carried out independently of the government by the Information Commissioner’s Office (ICO). Under these laws, individuals have several rights concerning their personal data, including the right to request its erasure - commonly referred to as the ‘right to be forgotten’. The ICO, as the UK’s independent data protection regulator, provides comprehensive guidance on its website.

Question to the Ministry of Justice:

To ask the Secretary of State for Justice, what steps her Department is taking to ensure that spent convictions are not considered once spent.

Answered by Nicholas Dakin - Government Whip, Lord Commissioner of HM Treasury

The Rehabilitation of Offenders Act 1974 (the ROA) sets out when an offender is considered to be ‘rehabilitated’ for the purposes of the Act and sets out the relevant rehabilitation periods for cautions and convictions, i.e. when a caution or conviction becomes ‘spent’. Where an offender is rehabilitated for the purposes of the ROA, the ROA provides that they are entitled to withhold the fact of, or information about their spent cautions or convictions. The Rehabilitation of Offenders Act 1974 (exceptions) order 1975 creates exceptions with the effect that in some circumstances, spent as well as unspent cautions and convictions must be disclosed and may be taken into account when assessing a person’s suitability for certain positions. This balances the protection of the public with allowing ex-offenders to move on with their lives. We are carefully assessing the evidence in this space before considering whether adjustments to the regime are necessary.

An individual can check if a conviction or caution is spent or unspent via the GOV.UK Disclosure Checker: Check if you need to tell someone about your criminal record: Check if your conviction or caution is spent - GOV.UK. We provide information, advice and guidance for employers, landlords and other entities on how they should implement the Rehabilitation of Offenders Act (ROA). This can be found on The GOV.UK guidance on the ROA. The guidance is clear that balanced judgements should be made and factors such as the person’s age at the time of the offence, the nature of the offence, how long ago the offence was committed, its relevance to the application or post in question, and what else is known about the persons conduct should be considered. We also provide good practice resources on hiring prison leavers via the New Futures Network. If an employer is unsure what check can be requested, they can contact the Disclosure and Barring Service.

As part of the Government's plan to Make Work Pay, the Employment Rights Bill is repealing the two-year qualifying period for unfair dismissal protection. By making this a ‘day one’ right, millions of employees will have protection against being arbitrarily fired by their employer. The Government is taking steps to support those with criminal convictions. Employees with spent convictions will be able claim unfair dismissal from day one (excluding those roles covered by the Exceptions Order). Reforms of unfair dismissal will take effect no sooner than autumn 2026.

Organisations in the UK that process personal data must comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). Oversight and enforcement of these data protection laws are carried out independently of the government by the Information Commissioner’s Office (ICO). Under these laws, individuals have several rights concerning their personal data, including the right to request its erasure - commonly referred to as the ‘right to be forgotten’. The ICO, as the UK’s independent data protection regulator, provides comprehensive guidance on its website.

Question to the Department of Health and Social Care:

To ask His Majesty's Government what assessment they have made of artificial intelligence technology being trained on real patient data, and whether they intend to introduce regulation around the use of health records in training artificial intelligence

Answered by Baroness Merron - Parliamentary Under-Secretary (Department of Health and Social Care)

There are strict safeguards in place throughout the National Health Service to protect data. All providers of services which handle patient data must protect that data in line with the UK General Data Protection Regulation (UK GDPR), and the Data Protection Act 2018, and every health organisation is required to appoint a Caldicott Guardian to advise on the protection of people’s health and care data, and ensure it is used properly. This includes where artificial intelligence (AI) is used in relation to patient records.

The NHS AI Lab and Sciencewise, part of UK Research and Innovation, held a public dialogue on how the public feels decisions should be made about access to their personal health data for AI purposes. The AI Lab conducted a discovery exercise to design approaches based on insights from the public, which is now informing broader data stewardship initiatives, for example, as part of the Secure Data Environments.

To mitigate the likelihood and severity of any potential harm to individuals arising from the use of data in AI, the Information Commissioners Office has developed detailed AI guidance which provides an overarching view of data protection, including Data Protection Impact Assessments and UK GDPR. They have also produced an AI toolkit to support organisations auditing compliance of their AI-based technologies. NHS bodies are expected to make use of this guidance and toolkit.

Found: , so that any provisions in the act that provide for data sharing would be subject to the Data Protection Act

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: (3) Paragraph 4 of Schedule 2 to the Data Protection Act 2018 shall not apply to personal data to

Found: within any paragraph of subsection (9) makes a request to a bank under section 45(1) of the Data Protection Act

Found: within any paragraph of subsection (9) makes a request to a bank under section 45(1) of the Data Protection Act

Found: costs 136 Under clause 7(6), data protection law would have the same meaning as in the Data Protection Act

Found: within any paragraph of subsection (9) makes a request to a bank under section 45(1) of the Data Protection Act

Found: (7) In subsection (6), “the data protection legislation” has the same meaning as in the Data Protection Act

Found: 2016. (7) In subsection (6), “the data protection legislation” has the same meaning as in the Data Protection Act

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: section “the data protection legislation” and “processing” have the same meaning as in the Data Protection Act

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: (3) Paragraph 4 of Schedule 2 to the Data Protection Act 2018 shall not apply to personal data to

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: section “the data protection legislation” and “processing” have the same meaning as in the Data Protection Act

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: section “the data protection legislation” and “processing” have the same meaning as in the Data Protection Act

Found: (3) Paragraph 4 of Schedule 2 to the Data Protection Act 2018 shall not apply to personal data to

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: section “the data protection legislation” and “processing” have the same meaning as in the Data Protection Act

Found: (3) Paragraph 4 of Schedule 2 to the Data Protection Act 2018 shall not apply to personal data to

Found: fine. 30(8) In this section— “data protection legislation” has the same meaning as in the Data Protection Act

Found: section— “the data protection legislation” and “processing” have the same meanings as in the Data Protection Act

Found: section— 15 “the data protection legislation” and “processing” have the same meanings as in the Data Protection Act

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: Kingdom of certain persons including foreign national offenders; to create exemptions from the Data Protection Act

Found: data will be subject to the requirements in the UK General Data Protection Regulation and the Data Protection Act

Found: section “the data protection legislation” and “processing” have the same meaning as in the Data Protection Act

Found: , so that any provisions in the act that provide for data sharing would be subject to the Data Protection Act

Found: same meaning as in section 104; “data protection legislation” has the same meaning as in the Data Protection Act

Found: “the data protection legislation” and 15 “processing” have the same meanings as in the Data Protection Act

Found: Exclusion of application to the armed forces 18 Clause 11: Amendment of Schedule 7 to the Data Protection Act

Found: section “the data protection legislation” and “processing” have the same meaning as in the Data Protection Act

Found: of State 10 Exclusion of application to the armed forces 11 Amendment of Schedule 7 to the Data Protection Act

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: infliction of emotional distress, defamation, breach of confidence, harassment or breach of the Data Protection Act

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: following Clause— “Exemptions from the UK GDPR: illegal migration and foreign criminals (1) The Data Protection Act

Found: following Clause— “Exemptions from the UK GDPR: illegal migration and foreign criminals (1) The Data Protection Act

Found: following Clause— “Exemptions from the UK GDPR: illegal migration and foreign criminals (1) The Data Protection Act

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: following Clause— “Exemptions from the UK GDPR: illegal migration and foreign criminals (1) The Data Protection Act

Found: (3) Paragraph 4 of Schedule 2 to the Data Protection Act 2018 shall not apply to personal data to

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: following Clause— “Exemptions from the UK GDPR: illegal migration and foreign criminals (1) The Data Protection Act

Found: (3) Paragraph 4 of Schedule 2 to the Data Protection Act 2018 shall not apply to personal data to

Found: (2) For the purposes of Article 6(1) of the UK GDPR, section 35 of the Data Protection Act 2018 (“

Found: system and explains your rights under the General Data Protection Regulation (GDPR) and the Data Protection Act

Found: Management principles to protect, manage and retain corporate memory and compliance with the Data Protection Act

Found: claims against the core department, some of which involve possible financial liabilities. 5,050 Data Protection Act

Found: claims against the core department, some of which involve possible financial liabilities. 5,050 Data Protection Act

Found: obligations as set out in Article 13 of UK General Data Protection Regulation (UK GDPR) and the Data Protection Act

Found: Legal requirements as per the Data Protection Act 2018 must be followed for all cases where sensitive

Found: and more information When we ask you for information, we will keep to the law, including the Data Protection Act

Found: Data Protection Act 2018).

Found: may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act

Found: Data; “Data Protection Legislation” (i) the UK GDPR as amended from time to time; (ii) the Data Protection Act

Found: Data; “Data Protection Legislation” (i) the UK GDPR as amended from time to time; (ii) the Data Protection Act

Found: Data; “Data Protection Legislation” (i) the UK GDPR as amended from time to time; (ii) the Data Protection Act

Found: Data; “Data Protection Legislation” (i) the UK GDPR as amended from time to time; (ii) the Data Protection Act

Found: Data; “Data Protection Legislation” (i) the UK GDPR as amended from time to time; (ii) the Data Protection Act

Found: Data; “Data Protection Legislation” (i) the UK GDPR as amended from time to time; (ii) the Data Protection Act

Found: Data; “Data Protection Legislation” (i) the UK GDPR as amended from time to time; (ii) the Data Protection Act

Found: by HMG should comply with laws under The General Data Protection Regulation (GDPR) and the Data Protection Act

Found: professionals and ISVAs are bound by the UK General Data Protection Regulation (GDPR) and Data Protection Act

Found: professionals and IDVAs are bound by the UK General Data Protection Regulation (GDPR) and Data Protection Act

Found: are completing this section voluntarily; your details will be held securely according to the Data Protection Act

Found: be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act

Found: information regimes (these are primarily the Freedom of Information Act 2000 (FOIA), the Data Protection Act

Found: to information regimes (these are primarily the Freedom of Information Act 2000 (FOIA), the Data Protection Act

Found: inconsistent with the requirements of UK General Data Protection Regulation 2016 (GDPR) and the Data Protection Act

Found: students in the University. 19.24 Following the second strand of Intelligence, SWP put in a Data Protection Act

Found: Furthermore, any information provided to eligible victims must comply with the Data Protection Act 2018

Found: ISO 27001:2013Interviewer Quality Control Scheme (IQCS) Member CompanyRegistered under the Data Protection Act

Found: be awarded this in August 2008.The UK General Data Protection Regulation (GDPR) and the UK Data Protection Act

Found: Responsible for Information training and they understand their responsibilities under the Data Protection Act

Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 2018.

Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 2018.

Found: Low numbers are suppressed to prevent disclosure in accordance with the Data Protection Act, 1998.

Found: obligations as set out in Article 13 of UK General Data Protection Regulation (UK GDPR) and the Data Protection Act

Found: the Data Controller and in compliance with the organisation’s responsibilities under the Data Protection Act

Found: Data Protection Act 2018).

Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act

Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act

Found: to third parties only in compliance with the UK General Data Protection Regulation and the Data Protection Act

Found: waste Compliance with the General Data Protection Regulation (transposed into UK law by the Data Protection Act

Found: We particularly draw to your attention the Bribery Act 2010, the Data Protection Act 2018, the Fraud

Found: information in this paragraph does not refer to data which is personal data for the purposes of the Data Protection Act

Found: Where details of a payment to an individual is protected by The Data Protection Act it has not been published

Found: Security, including Cyber Security, the General Data Protection Regulation (GDPR) and the Data Protection Act

Found: and Security, including Cyber Security, the General Data Protection Regulation (GDPR) and Data Protection Act

Found: Securit y, including Cyber Security, the General Data Pro tection Regulation (G DPR) and the Data Protection Act

Found: and Security, including Cyber Security, the G eneral Data Protection Regulatio n (GDPR) and Data Protection Act

Found: this message and any reply to it public if asked to under the Freedom of Information Act, Data Protection Act

Found: “For the avoidance of doubt, there is nothing within the Data Protection Act 2018 that prohibits the

Found: Psychological Therapies Directions 2021 - NHS England Digital Legal basis under UK GDPR & Data Protection Act

Found: Relevant professionals and IDVAs are bound by the UK General Data Protection Regulation (GDPR) and Data Protection Act

Found: Relevant professionals and ISVAs are bound by the UK General Data Protection Regulation (GDPR) and Data Protection Act

Found: protection and privacy legislation in force from time to time in the UK including: a) the Data Protection Act

Found: gathered, held, processed or to be shared requires a clear purpose and lawful basis under the Data Protection Act

Found: breaches arising from noncompliance with UK General Data Protection Regulation (UK GDPR) and the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regul ation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: to provide information facilitates a lawful basis for processing under section 8(c) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Found: as a breach of this agreement 6.3 The Grantee shall ensure that all requirements of the Data Protection Act

Found: are the data subject, and so it is subject to the General Data Protection Regulation and the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: are collecting this data in the performance of a public task, under Article 6(1)(e) of the Data Protection Act

Found: are collecting this data in the performance of a public task, under Article 6(1)(e) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: Nations Convention of the Rights of Persons with Disabilities; Education (Scotland) Act 2016; Data Protection Act

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Found: information given to us about you and your complaint for its intended purpose and in line with Data Protection Act

Found: For compliance with the Data Protection Act 1998, personal information such as people’s telephone numbers

Found: ; and also to view the decision on the appeal once it has been made.For compliance with the Data Protection Act

Found: party and disclosing it would contravene the data protection principles in Schedule 1 to the Data Protection Act

Found: contravene the data protection principles in Article 5(1) of the UK GDPR (or section 34(1) of the Data Protection Act

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: of Information (Scotland) Act 2002 (FOISA), the UK General Data Protection Regulation, the Data Protection Act

Found: organisation a public authority or body as set out in Part 2, Chapter 2, section 7 of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: protection principles in the UK General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: Computer Misuse Act 1990, the Network and Information Systems Regulations 2018, the UK GDPR or the Data Protection Act

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Found: the Trade Union and Labour Relations (Consolidation) Act 1992, or commit any breach of the Data Protection Act

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Found: Computer Misuse Act 1990, the Network and Information Systems Regulations 2018, the UK GDPR or the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: Date of Birth D.O.D Date of Death DPA Data Protection Act 2018 DPIA Data Protection Impact Assessment

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: You will duly observe your obligations under the Data Protection Act 2018 and the General Data Protection

Found: and in particular the principles of the General Data Protection Regulation (GDPR) and the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: individuals, and disclosing it would contravene the data protection principles in Schedule 1 of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1)  of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: contravene the data protection principles in Article 5(1) of the UK GDPR (or section 34(1) of the Data Protection Act

Found: information I give will be treated confidentially and securely, in accordance with the terms of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: fulfilled its duty; however as this information relates to living persons, the provisions of the Data Protection Act

Found: Section 2 Part 6 Para 27 of the Data Protection Act 2018 allows for exemptions to UK GDPR Article 5 1

Found: regard to the processing of Personal Data to which a Party is subject including the 3 Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: under the requirements of the General Data Protection Regulation (EU) 2016/679 (the GDPR), the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: bound by confidentiality and data protection clauses which align to standards set by the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: individuals with regard to the processing of Personal Data to which a Party is subject including the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: This is because under UK General Data Protection Regulation (UK GDPR) and the Data Protection Act (DPA

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: organisation a public authority or body as set out in Part 2, Chapter 2, Section 7 of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: nciples in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: The legal basis for processing this data is ‘public task’ (Data Protection Act 2018 Article 6 (1) (e

Found: The legal basis for processing this data is ‘public task’ (Data Protection Act 2018 Article 6 (1) (e

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: are the data subject, and so it is subject to the General Data Protection Regulation and the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: Article 5(1) of the General Data Protection Regulations (GDPR) and in Section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: Personal data is defined in the Data Protection Act 2018 as information relating to an identified or

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Found: principles in Article 5(1) of the General Data Protection Regulation and in section 34(1) of the Data Protection Act

Question

To ask the Scottish Government whether it has plans to make the Scottish Kept Birds Register publicly searchable, and, if not, for what reason. 

Answered by Fairlie, Jim - Minister for Agriculture and Connectivity

The Scottish Government has no plans to make the Scottish Kept Birds Register publicly searchable.

The Scottish Kept Bird Register is a mandatory register for bird keepers in Scotland under the Avian Influenza (Preventive Measures) (Scotland) Amendment Order 2024. It was established to allow Scottish Government and its deliver body, the Animal and Plant Health Agency, to send vital biosecurity information to bird keepers to minimise the risk of the spread of notifiable avian diseases, particularly highly pathogenic avian influenza. The register also supports mandatory surveillance activities during disease outbreaks. The information has also been used to help support public health response in the offer of vaccinations to poultry keepers.

In accordance with Data Protection Act 2018 a commitment was made to those registering, in the Scottish Kept Bird Register Privacy Notice, as to how the data collected would be used. This can be summarised as to determine the size and location of the kept bird population in Scotland, for communication and disease control activities during notifiable avian disease outbreaks, and for promoting bird welfare and public health.

To make this data public would be in breach of the Data Protection Act of 2018, as the Scottish Government would be unable to control the uses to which the data was being put. The Scottish Government is legally required to make arrangements to ensure that the data collected is retained securely and protected from data breach. This is in common with registers for other animals and livestock across Scotland held by Scottish Government.

Found: ending on 31 August, ( ) “data protection legislation” has the same meaning as in the Data Protection Act

Found: ending on 31 August, ( ) “data protection legislation” has the same meaning as in the Data Protection Act

Found: share information in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act

Found: Data was supplied via postcodes and handled in accordance with the 1998 Data Protection Act with special

Found: Education Act 1996 and that their processing of personal data is in line with UK GDPR and the Data Protection Act

Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: protection legislation, such as the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act

Found: However, under the Data Protection Act 1998, the addresses and other contact information of private

Found: Organisation (if applicable) Date You must keep a copy of your completed form Data Protection Act

Found: this Contract in respect of which such Party is liable to the other; DPA 2018 means the Data Protection Act

Found: other duties, including its duties under the General Data Protection Regulations 2018, the Data Protection Act

Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act

Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: Information Regulations 2004 (the “EIR”) the General Data Protection Regulation (GDPR) and Data Protection Act

Found: their legal obligations, namely the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act

Found: Under the UK GDPR, Data Protection Act 2018 and the Freedom of Information Act 2000 the contents of

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: will process personal data, or require another organisation to do so, must comply with the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: have a legal requirement: • to adhere to the General Data Protection Regulation (GDPR), Data Protection Act

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004, Data Protection Act

Found: great importance on protecting people’s privacy and their data in full compliance with the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: are presented impartially and objectively and are in accordance with the requirements of the Data Protection Act

Found: In our view the requirements of section 10 of and paragraph 1 of Schedule 1 to the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004, Data Protection Act

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: The information you provide will be handled in accordance with the UK Data Protection Act 1998, which

Found: obligations under the Freedom of Information Act 2000, the Environmental Information Act 2004 or the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: The present study complied with the 2018 Data Protection Act, which allows sensitive study data to be

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act

Found: accordance with its obligations and duties under the: • Freedom of Information Act 2000 • The Data Protection Act

Found: Information Act 2000 (the “FOIA”), the Environmental Information Regulations 2004 (the “EIR”), the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: It is a requirement under Article 26 of Data Protection Act 2018 and is quite commonly used in Central

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: document is also available in Welsh UK General Data Protection Regulation (UK GDPR) and the Data Protection Act

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: the Freedom of Information Act 2000, the Environmental Information Regulations 2004 and the Data Protection Act

Found: data” and “ the data protection legislation” have the same meanings as in section 3 of the Data Protection Act

Found: personal data is handled in accordance with the General Data Protection Regulation and the Data Protection Act

Found: regard to and comply with the requirements of the Freedom of Information Act 2000 and the Data Protection Act

Found: to parents; • pupils’ educational records and pupil reports; • information covered by the Data Protection Act

Found: D Data Protection Act 1998 (DPA) - an Act making provision for the regulation of the processing of

Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act

Found: supplied by you in this form, is in accordance with the terms of our registration under the Data Protection Act

Found: Compliance with relevant legislation Political parties are reminded of their obligations under the Data Protection Act

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act

Found: In this paragraph, “the UK GDPR” has the meaning given in section 3(10) of the Data Protection Act 2018

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: administering allocation schemes, Local Authorities must comply with the provisions of the Data Protection Act

Found: in accordance with the obligations and duties under the Freedom of Information Act 2000, the Data Protection Act

Found: Act 1974, • the Human Rights Act 1998, • the Equality Act 2010, 10 • the Data Protection Act

Found: We believe that releasing this information would be in breach of the Data Protection Act.

Found: obligations under the Freedom of Information Act 2000, the Environmental Information Act 2004 or the Data Protection Act

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: Information Act, as it is personal data protected by the General Data Protection Regulation and Data Protection Act

Found: The Authority is a competent authority (within the meaning of section 30(1)(b) of the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: Data protection, privacy and confidentiality considerations 10.9 The Data Protection Act 2018 and the

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: Data protection All systems and parties must comply with the Data Protection Act 2018 (UK GDPR).

Found: new power, local authorities must have regard to their existing statutory duties under the Data Protection Act

Found: Personal data protected by the General Data Protection Regulation and Data Protection Act 2018.

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: Information Regulations 2004 (the “EIR”) the General Data Protection Regulation (GDPR) and Data Protection Act

Found: For sensitive information, including that covered by the Data Protection Act 2018 (which replaced the

Found: In accordance with the Data Protection Act 2018, Welsh Government is the data controller for personal

Found: supplied by you in this form, is in accordance with the terms of our registration under the Data Protection Act

Found: supplied by you in this form, is in accordance with the terms of our registration under the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: supplied by you in this form, is in accordance with the terms of our registration under the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 2018 (‘the DPA 2018’)

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act

Found: Contact name and email address are considered personal data as defined in the Data Protection Act 2018

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act

Found: obligations under the Freedom of Information Act 2000, the Environmental information Act 2004 or the Data Protection Act

Found: obligations under the Freedom of Information Act 2000, the Environmental Information Act 2004 or the Data Protection Act

Found: Information Act 2000 (FOIA), the Environmental Information Regulations 2004 (EIRs) and the Data Protection Act

Found: Practitioners must share information in accordance with the Data Protection Act 1998 and the common

Found: personal data underlying these statistics are processed in accordance with the requirements of the Data Protection Act

Found: ‘Personal data’ is defined in sections 3(2) and (3) of the Data Protection Act 1998 (‘the DPA 2018’)

Found: Under the UK GDPR, Data Protection Act 2018 and the Freedom of Information Act 2000 the contents of

Question

What Welsh Government guidance is provided to GP practices regarding charging patients for accessing their medical records?

Answered by Cabinet Secretary for Health and Social Care

The General Data Protection Regulations and the Data Protection Act 2018 were made by the UK government and apply to the four nations of the UK. GP practices cannot charge patients for reasonable access to their medical record. Guidance for GPs has been issued by the BMA to help practices in understanding their statutory obligations. bma-access-to-health-records-nov-19.pdf