Introduction; Personal data; The eight Data Protection Principles; Who is responsible for data protection?; Informing the data subject; When do you need consent?; Processing 'sensitive' personal data; Processing only for specific purposes; Monitoring employees and the public; The requirement to have good quality data; Archive and destruction policies; People's right to see their own records; Restrictions on direct marketing; Other Data Subject rights; Security; Who can see what?; Transferring data abroad; Exemptions and other special cases; Notification; Codes of practice; Enforcement and penalties; The Data Protection Compliance Officer; References and further reading; Contacts; Appendices; Index.