(1)The sixth data protection principle is that personal data must be processed in a manner that includes taking appropriate security measures as regards risks that arise from processing personal data.
(2)The risks referred to in subsection (1) include (but are not limited to) accidental or unauthorised access to, or destruction, loss, use, modification or disclosure of, personal data.
Commencement Information
I1S. 91 in force at 25.5.2018 by S.I. 2018/625, reg. 2(1)(d)