Study with Greenwich  | Student Information  | About Us  | Research  | Contact Us

Governance and Management

Data Protection

Search

University Data Protection Policy

Aimed at all university staff and students, and for the information of other interested parties

The university stores, processes and on occasion discloses information about employees, students and other Data Subjects for academic, administrative and commercial purposes. It is committed to a policy of protecting the fundamental rights and freedoms of individuals and in particular their right to privacy with respect to the processing of personal data, as set out in the Data Protection Act 1998. When handling such information, the university, and all staff or others who process or use any personal information will comply with the Act in full at all times.

To ensure compliance with the Act the university will:

· Observe the spirit and the letter of the 1998 Act and will not seek to exploit ambiguous wordings or "grey areas" yet to be clarified by Case Law to avoid its responsibilities.

· Co-operate fully with the Information Commissioner and his office.

· Publish and maintain a series of Codes of Practice outlining the meaning of the Data Protection Act 1998 and establishing procedures for processing data in day to day working. The Codes of Practice will provide a reference source for all staff to clarify anomalies, which may arise in routine operations.

· Consider that all Schools and Offices are subject to the Act: no individual, section, School or Office shall hold or process records in any manner which does not conform to the University's Data Protection Policy and Codes of Practice.

· Seek to obtain comprehensive "informed consent" from Data Subjects regarding the keeping of records, the processing of data and the disclosure of data to third parties.

· Initiate and maintain an on-going programme of staff development.

· Periodically review its policies and practices to ensure continuing compliance with the Act.

 

In order to minimise its liability in law the university will:

· Ensure that all new data systems and new forms of processing data will be implemented in accordance with the 1998 Act.

· Regard all members of staff of the university as having an obligation to divulge the existence and contents of databases or other soft or hard copy filing systems that contain personal data, to the Data Protection Officer.

· Implement and maintain appropriate practical and technical measures to ensure the security of all personal data.

 

Reviewed 29/07/11