Data Protection, FOI and sensitivity advice

For UK guidance for archivists and records managers on Data Protection Law, including guidance on the Data Protection Act 2018 and the General Data Protection Regulation (GDPR), please click here.

Information Commissioners Office (ICO) is an independent official body, appointed by the Queen. The Commissioner is responsible for administering the provisions of the Data Protection Act 1998 and the Freedom of Information Act 2000.

Scottish Information Commissioner is responsible for enforcing and promoting the right to access public information created by the Freedom of Information (Scotland) Act 2002 and the Environmental Information (Scotland) Regulations 2004.

Ministry of Justice is responsible for information rights law, including freedom of information and data protection.


For further information about General Data Protection Regulation (GDPR):

European Union webpages on GDPR containing links to legislation, factsheets and other legislative texts.

FOIMan: Website contains articles and free resources about GDPR.

Wellcome Trust have created a series of reports on the key clauses of new regulation and how they think the UK government will implement the legislation.

Open letter by Elizabeth Lomas (2018), published by Wellcome Open Research, on the destruction of the Windrush disembarkation cards which highlights the dangers posed by misinterpretations of the requirements of the new General Data Protection Regulation (GDPR)