data protection


Data Protection Act 1998

The Data Protection Act 1998 came into force in 2000 and legislates for the control and protection of personal information.

The Act places obligation on those who process information (data controllers) while giving rights to those who are the subject of that data (data subjects).

Personal information covers both facts and opinions about the individual.


How the Act affects healthcare research

Most healthcare research requires the processing and/or storage of personal and sensitive information relating to living individuals (e.g. patients) and is therefore governed by the DPAct98.

It is important that you comply with the Act and process/store all personal information in accordance with it.


College policy

The College has a Data Protection policy to protect the personal information processed by or disclosed to staff or students of the College or other authorised persons.

Please see the data protection section of the Colleges' Legal Services Office for more information.