to add a new content
Data Protection

On the 25th May 2018 the Data Protection Act 2018 was implemented by the UK as the General Data Protection Regulation also known as GDPR. It controls how personal information is captured and used by organisations and the government.

Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’ and must ensure that the information they obtain is for a lawful purpose, used fairly and must be transparent about its intended purpose of usage and used explicitly for that purpose only.

Data should also not be kept for more than is necessary, and whilst it is kept, should be kept up to date and handled and secured in a way that does not compromise its protection from unauthorised processing, loss of theft of data.  

It is important to note that there is stronger legal protection for more sensitive information such as race, health, sex life, orientation, ethnic background. There are separate safeguards for personal data relating to criminal convictions and offences.

Under the Data Protection Act 2018, an individual has the right to find out what information the government and other organisations holds about them and this ideally should be provided to the individual within 1 month.  

To make a complaint about the misuse of personal information or lack of security it should be made to the organisation, following their response the complaint can also be made to the Information Commissioner’s Office.

Telephone: 0303 123 1113

Published 01/01/2018
Authoring body: Information Commissioner's Office (ICO)
Management of Police Information (MoPI) APP

This Authorised Professional Practice (APP) provides guidance to forces on meeting the requirements of the Management of Police Information (MoPI) Code of Practice in relation to the review, retention and disposal of policing information and records. This APP is supplemented by the Manual of Guidance, which provides a further level of operational data.

Police information refers to all information obtained, recorded or processed for a policing purpose. The Management of Police Information (MoPI) authorised professional practice (APP) provides a framework and guidelines for managing police information, complying with the law and managing risk associated with police information including data retention.

  • Policing information is information held for a policing purpose. The MoPI Code of Practice definition of ‘policing purpose’ is:
    • protecting life and property
    • preserving order
    • preventing the commission of offences
    • bringing offenders to justice
    • any duty or responsibility of the police arising from common or statute law
  • Corporate information includes other organisational information, such as HR or finance records, minutes of meetings, policies and procedures.

There is further information on compliance with the Freedom of Information Act.

It should also be noted that the retention periods for biometric data are governed by the Protection of Freedoms Act 2012 and sit outside this APP.

Published 06/05/2020
Authoring body: College of Policing (CoP)
Auditing Principles - Directive 2006/43/EC of the European Parliament and of the Council

Statutory auditors should adhere to the highest ethical standards and should be subject to professional ethics. This Directive aims at high-level to bring about harmonisation of statutory audit requirements as a result of lack of a harmonised approach to statutory auditing in the Community. This was the reason why the Commission proposed, in its 1998 Communication on the statutory audit in the European Union that a creation of a Committee on Auditing which could develop further action in close cooperation with the accounting profession and Member States be established.

The output/recommendation from the committee setup was a Recommendation was a set of Fundamental auditing Principles. The statutory audit requires adequate knowledge of matters such as company law, fiscal law and social law for Audit qualifications obtained by statutory auditors. In order to protect third parties, all approved auditors and audit firms should be entered in a register which is accessible to the public and which contains basic information concerning statutory auditors and audit firms. 

It is important to note that good audit quality contributes to the orderly functioning of markets by enhancing the integrity and efficiency of financial statements. 

Published 01/01/2006
Authoring body: European Parliament
Criminal Justice System: Data Standards Forum Guidance

An agreed and designed common data standards are used by the Criminal Justice System, ICT suppliers to support ICT communications between systems used by Criminal Justice Organisations (CJO) to support CJS operations. They are also used with open data standards as defined in the government’s Open Standards Principles. These common standards are also used to support data analytics, bidding for CJS contracts etc.

The selection of the CJS data standards is made by the CJS Data Standards Forum. This is a technical forum which has representatives from the principal CJOs.

There is a Data Standard Catalogue used to support the exchange of criminal justice information between different CJOs.

There are three different types of data standard reflected in the catalogued:

  • formatting standards

  • organisational structure standards

  • reference data standard

The Data Standard catalogue is constantly reviewed by the Data Standards Forum to ensure a set of standards is produced that is as small as possible while still being fit for purpose. 


Published 17/12/2020
Authoring body: Ministry of Justice (MOJ)
National Policing Digital Strategy 2020-2030

The National Policing Digital Strategy sets out a new digital ambition for UK policing. It presents a set of tangible digital priorities and outlines the key data and technology building blocks required to deliver them. 

The strategy contains 5 priorities:

  1. Seamless citizen experience
  2. Addressing harm
  3. Enabling officers & staff through digital
  4. Embedding a whole public system approach
  5. Empower the private sector
Published 01/01/2020
Authoring body: Police Digital Service (PDS)