Corporate Services

Search site



Data protection


The Data Protection Act 1998 will be replaced by the new General Data Protection Regulation (GDPR) in May 2018.  The new law will impact on some data collection, use and storage practices across the institution.  The University has developed a compliancy plan which is being overseen by the University’s Information Protection Group and implemented by a sub-group comprising representation from the Secretariat, IT and the Library.  For most staff, changes brought about by the new Regulations will not be significant. More information will be provided on this page and further briefings will follow through relevant channels.

The main elements of the compliancy plan include:

  • Generating a comprehensive record and understanding of the personal data the University holds.
  • Ensuring all staff and students understand how to collect, use and store personal data according to the new Regulations.
  • Ensuring that the people whose data we collect know their rights, and are confident that we are using their data responsibly and within the confines of the law.
  • Ensuring that we are able to respond efficiently to requests from individuals whose data we hold.
  • Developing a rapid and effective process to respond to any loss of personal data.
  • Building in protection so that compliancy with the Regulations is “designed in”.   

Training on data protection issues (including the new Regulations) will continue to be provided through ODPL.

Please ensure you have completed your compulsory online information security essentials training.  

If you have any general questions in the interim please contact Rebecca Messenger-Clark ( or Adrian Slater ( in the Secretariat.


16.10.2017 (CLLC)