C.U.E.D & Data Protection

Click if you want information on

Introduction | CUED & the Act | Implications of the new Act | Data Subject Access Requests | Staff role re Access Requests

INTRODUCTION

The DPA 1998 came into full force on 23.10.2001.

The University has a couple of officers in the Student Records Section who deal with Data Protection matters.
They maintain an extensive web site, which outlines the University policy on Data Protection.

The Engineering Department has a policy on Examinations Click here to find the link C U E D Examinations Data Protection Policy

Whether you are a staff member or a student, you have your rights and responsibilities in relation to data protection and you should be aware of them. You may have some difficulty in interpreting the Act, if so read on to the next section.

CUED & THE DATA PROTECTION ACT 1998

In order to assist the operation of the act and ensure compliance C U E D have a member of staff responsible for Data Protection in the Department.
Currently this is Igor WOWK.

The main functions of the officer will be to:

Assist the University Data Protection Officer to implement Subject Access Requests by locating the necessary data in the Department.
Raise awareness of the Act and its implications for staff and students
Advise and help members of staff
Ensure the Department maintains good practices, which comply with the Act.

If you wish to contact the CUED Data Protection Officer use E-MAIL or telephone 32778.

IMPLICATIONS OF THE Data Protection Act

There are a number of significant changes to the previous act, the most significant being that it now applies to paper documents stored in "retrievable filling systems" as well computer stored data which includes information put out on the Internet.

Images/photos are also covered by the Act.

The act has strengthened the "Data Subject's" right to protection, but not at the expense of pursuit of the "legitimate interests" of any organisation to function effectively.

Indeed, consent is NOT required to collect, process and store any "non-sensitive" data provided that:

the purposes for collection are explained to the subject,
the data is processed "fairly",
it is not re-distributed
it used for the purposes outlined at the point of collection.
it is kept securely.

However "Data Subjects" now have the right to ensure these conditions are met and to take action to enforce them if necessary.

DATA SUBJECT ACCESS REQUESTS

Equally as a data subject whether you are a student or staff member, you now have the right to view your data relating to your person if you feel that your rights are being infringed or violated in some way. The act permits you to examine the data that is kept on you, limit its use to the purposes given at the point of collection, prevent any damaging processing of the data and especially to limit usage for Direct Marketing purposes.

In recognition of this, the University has established a procedure by which this right may be exercised via a Data Access Request.

Details of this procedure are available on the University Web Site.

CUED EXAMINATIONS POLICY

The Faculty Board have devised a policy document which covers the procedures to be followed to meet the Data Protection act requirments.

Click here for the document.

APPROACHES TO MEMBERS OF STAFF FOR ACCESS TO SUBJECT DATA

Click here for advice on this subject.

SECURITY AND THE DATA PROTECTION ACT

To try and avoid scoring own goals in the Data Protection area, our defence needs to be tight. Make sure your procedures are secure.

Click here for advice on this subject.

This page was compiled by Igor WOWK Updated 11.07.06

If you wish to contact him, click here:E-MAIL