After a lengthy delay of eighteen months, the UK's new Data Protection Act will come into force on 1st March next year. Building on the existing 1984 Act protecting personal data, the new Act will provide:<ul> <li>Simplified registration for data users <li>Enforcement against unregistered bodies <li>A requirement to disclose what processing is undertaken <li>Detailed requirements for security measures needed for data <li>Enhanced rights for subject access <li>Restrictions on movement of data outwith the European Union - it can only go to countries with an 'adequate' level of protection</ul> A protocol for data exchange between the EU and US has yet to be agreed - this is expected to take a further 6 months to agree.<p> The Registrar has not extended the date for compliance for pre-existing databases - databases established before 24th October 1998 must comply by 24 October 2001. <P> More info from <a href='http://www.open.gov.uk/dpr/eurotalk.htm' target='_blank'>The Data Protection Registrar</a>. <P> <P> <P> <P>