Laws and rules for the security of data: Confidentiality, privacy and technology;
Laws and rules for the security of data: Companies, corporate governance and financial services;
Laws and rules for the security of data: Considerations for the public sector;
Laws and rules for the security of data: Official secrets, regulatory and professional secrecy;
Regulation and enforcement;
Breach notification;
Privacy Enhancing Technologies (PETs);
Appendices;
FSA and ICO enforcement action;
Transposition of Articles 16 and 17 of the Data Protection Directive;
Data Protection Act 1998;
Regulation of Investigatory Powers Act 2000, Part I, Chapter I;
Computer Misuse Act 1990;
Official Secrets Act 1989;
Communication from the Commission to the European Parliament and the Council on Promoting; Data Protection by Privacy Enhancing Technologies (PETs) - Brussels, 2.5.2007, COM(2007) 228 final;
HMG Security Policy Framework, Version 2.0, May 2009;
'Data Handling Procedures in Government: Final Report', June 2008;
FSA report 'Data Security in Financial Services: Firms' controls to prevent data loss by their employees and third-party suppliers', April 2008;
ICO 'Guidance on data security breach management', March 2008;
ICO 'Notification of Data Security Breaches to the Information Commissioner's Office', March 2008;
ICO 'Data Protection Guidance Note: Privacy enhancing technologies (PETs)', V2.0, March 2007;
Forms and precedents;
Checklist for handling a data security breach;
Incident response checklist for handling loss of unencrypted laptop computer;
Breach notification letter to Information Commissioner;
Breach notification letter to data subject;
Data protection clauses for employment contract;
Information and communications systems security policy;
Seventh data protection principle clauses for data processor contract;
Pre-contractual due diligence for engagement of data processor
