Published online by Cambridge University Press: 31 July 2008
A brief, but very informative, summary of the Data Protection Act 1998 (DPA) is contained in Legal Information Management in the Summer 2001 issue. This article doesn't attempt to replicate that summary but will examine some of the key decisions that need to be made in developing a policy that will enable the University of Birmingham to conform to the Act, its eight data protection principles, and the University's Data Protection policy when processing personal data and the practical procedures needed to deal with personal data processing in an information service.