This PPN applies to all central government departments, their executive agencies and non-departmental public bodies. Such bodies are referred to as ‘in-scope organisations’.
In-scope organisations should circulate this PPN widely across their organisations, and work closely with data protection/information assurance leads within their organisations on implementation.
This PPN covers data protection requirements under UK GDPR, and the UK International Data Transfer Agreement (IDTA) governing the export of personal data from the UK. It also includes guidance on international transfers of personal data.