Protecting personal data and ensuring information security are top priorities for the university, which is why we have updated our Data Protection Policy and Information Security Policy to strengthen protocols and compliance.

These policies apply to all staff and students.  Both policies provide the introduction of clear accountabilities and responsibilities.

Data Protection Policy

The Data Protection Policy outlines our data collection, usage, and protection protocols in order to comply with UK data protection laws and regulations.

Information Security Policy

Provides the requirement that material policy gaps with a Faculty or Department will be logged, managed, and prioritised within the existing Faculty or Department risk register alongside other risks.

Key updates in the policies

• Easier to understand definitions of personal data
• Clearer rules around collecting or using personal data
• More clarity provided around the consequences of non-compliance
• All staff must complete annual data protection and information security training
• Additional technical safeguards and access controls, including where sharing personal data internationally
• Incident response procedures for data breaches or security incidents
• Linking the Policies and record keeping to the University retention schedule

Policy Access

Please read the policies to understand your responsibilities. You can find the policies at the links below:

• Data Protection Policy
• Information Security Policy

Training Reminder

Please undertake your mandatory annual data protection and information security training  if you have not yet already done so.

Questions?

Contact the university’s Data Protection Officer, Tracy Landon if you have any questions about the Policies or your responsibilities.

Thank you for helping us maintain high data protection and information security standards for our university community.