Data Protection Act

The 1998 Data Protection Act first came into effect in March 2000. Underlying the Act is a set of principles governing good practice, and the University is required to notify its use of personal data to the Information Commissioner where it is published in a public register. 

To assist staff and students to comply with the Act, the University has issued Guidance Notes and formally adopted a  .

The Policy provides information on:

  • The Principles
  • The Notification of Data Held and Processed
  • Responsibilities of Staff and Students
  • Data Security
  • Rights to Access Information
  • Publication of University Information
  • Subject Consent
  • Retention of Data

The Guidance Notes contain further information on:

  • The scope of the 1998 Act
  • Notification (including registration number)
  • Staff Guidelines for Data Protection
  • Data Security
  • Use of Personal Data for Research Purposes
  • References
  • Staff Checklist for Recording Data

Any formal requests from data subjects regarding information held on them must be referred to Mr Kevan Ryan, no matter which office or department is processing the information.

Further information and advice on University-related matters can be obtained from Kevan Ryan (Director of Legal & Compliance, ext. 42110). More detailed information can be found on the Information Commissioner's home page, including a link to an online version of the 1998 Act.