72Data protection rulesU.K.
In Schedule 3 to the Data Protection Act 1998 (c. 29) (conditions for processing sensitive personal data), after paragraph 7, insert—
“7A(1)The processing—
(a)is either—
(i)the disclosure of sensitive personal data by a person as a member of an anti-fraud organisation or otherwise in accordance with any arrangements made by such an organisation; or
(ii)any other processing by that person or another person of sensitive personal data so disclosed; and
(b)is necessary for the purposes of preventing fraud or a particular kind of fraud.
(2)In this paragraph “an anti-fraud organisation” means any unincorporated association, body corporate or other person which enables or facilitates any sharing of information to prevent fraud or a particular kind of fraud or which has any of these functions as its purpose or one of its purposes.”
Commencement Information
I1S. 72 in force at 1.10.2008 by S.I. 2008/2504, art. 2(e)