How many principles does the Data Protection Act have?

The question tests how many data protection principles are defined in the Data Protection Act. There are eight principles. They set the standard for handling personal data: it must be processed fairly and lawfully and for a specified purpose; data should be adequate and not excessive for that purpose; it must be accurate and kept up to date; it should not be kept longer than necessary; processing must respect the individual’s rights; data must be dealt with securely; and transfers of data to other countries should be to places with adequate protection. In a dental setting, this means patient records must be kept confidential and accurate, used only for patient care and related purposes, retained for an appropriate period, protected from unauthorized access, and only shared or transferred under proper safeguards. So eight is the correct count for the Data Protection Act in this context. Note that newer GDPR guidance is framed around seven principles, but the exam item refers to the Act with eight principles.