§ Mr. CohenTo ask the Secretary of State for Foreign and Commonwealth Affairs whether he will make arrangements for the Data Protection Registrar to inspect relevant contracts with suppliers of IT services that involve the use of personal data held by his Department in order to check whether all appropriate arrangements in relation to the Data Protection Act 1984 have been made, and whether such contracts make provisions for the registrar to make random inspections in order to check the suppliers' compliance with the eighth data protection principle.
§ Mr. Lennox-BoydWhen IT services are contracted out by a data user, the contractor and the user will be subject to the application of the data protection principles and to the registrar's powers to promote compliance with them, as provided for in the Act. It is for the registrar to decide how he will use his powers under the Act, and I do not consider that any further arrangements are necessary for him to discharge his duties effectively.