The EU Data Protection Directive (Directive 95/46/EC) has been implemented by all member states and the purpose is that “Everyone has the right to respect for his private and family
life, his home and his correspondence.”
This regulation applies to any operation involving personal data including collection and storing of the data. The directive is requiring organizations to handle all personal data in
a manner that is secure and appropriate. More info can be found here.
Click on the links below to read more on the laws & regulations for the public sector.
http://www.cabinetoffice.gov.uk/spf/sp1_grmc.aspx
http://www.connectingforhealth.nhs.uk/.../encryptionguide.pdf
http://www.ico.gov.uk/what_we_cover/data_protection.aspx