Useful Information for Audits
Relevant Information for questions on Data Privacy Audits. Please note this is a guide to finding the information you might need to fill in an audit - it is not a substitute for filling in a form. Some of the links may be restricted to SSO.
You can find this by searching the ICO register. Note that Colleges and other parts of the University may be registered separately.
The University Data Protection Policy - approved by Council 14 May 2018
Full details of the information compliance team can be found via this link. The name and address of the DPO are at the bottom of the page.
Information about the Information Security training module is available on the Information Security website. In the Medical Sciences Office the training is mandatory and should be repeated annually. Requirements may differ from department to department.
There is a generic confidentiality clause in employees' contracts and a specific data protection clause. Links to example wording can be found in this link.
Many University posts require pre-employment checks. Information can be found in this link.
University Information Security Policy - dated Nov 2017 (log in required)
Privacy Notices for staff, students, applicants, alumni and other associates
Standard University wording for individual rights
How to provide information about processing and individual's rights
The University's Guidance on Data Protection and Confidentiality
University Guidance on how to identify and report a data breach or security breach
The University SOPs include Confidentiality and Security of Personal Data (13) and Data Management (15)
Policies on open and published data from the Research Data Management Team
Guidance on the disposal of research data is included in the University best practice guide on the collection, protection, storage and management of data collected for research purposes (page 6).