Principles
-
The Data (Use and Access) Act 2026 got Royal Assent on 19 June 2026. All the provisions affecting data protection law and the Privacy and Electronic Regulations Communications are now in force. The Department for Science and Innovation (DSIT) has set out the commencement plans. You can find more details on the Gov.uk website.
These three modules look at the principles that underpin the UK’s data protection laws. Understanding the principles will help you take the right steps to make sure you’re handling people’s data correctly.
Please note: there may be some terminology which needs updating in some of these modules, which we will update over time. However you should still find the content useful in training your staff in the key points of the relevant legislation. To make sure you're accessing the latest content, use the resources on our website rather than downloading them.
Principles (Part 1) – Lawful processing
Principles (Part 2) – Purpose limitation, data minimisation, accuracy and storage limitation
Principles (Part 3) – Security, accountability and governance