xmlns:atom="http://www.w3.org/2005/Atom" xmlns:atom="http://www.w3.org/2005/Atom"

PART 3 U.K.Law enforcement processing

CHAPTER 4U.K.Controller and processor

Overview and scopeU.K.

55Overview and scopeU.K.

(1)This Chapter—

(a)sets out the general obligations of controllers and processors (see sections 56 to 65);

(b)sets out specific obligations of controllers and processors with respect to security (see section 66);

(c)sets out specific obligations of controllers and processors with respect to personal data breaches (see sections 67 and 68);

(d)makes provision for the designation, position and tasks of data protection officers (see sections 69 to 71).

(2)This Chapter applies only in relation to the processing of personal data for a law enforcement purpose.

(3)Where a controller is required by any provision of this Chapter to implement appropriate technical and organisational measures, the controller must (in deciding what measures are appropriate) take into account—

(a)the latest developments in technology,

(b)the cost of implementation,

(c)the nature, scope, context and purposes of processing, and

(d)the risks for the rights and freedoms of individuals arising from the processing.