Skip to navigation | Skip to main content | Skip to footer
Menu
Search the Staffnet siteSearch StaffNet

School of Arts, Languages and Cultures

Guidance on GDPR (General Data Protection Regulation) legislation

22 Mar 2018

New legislation comes into force on 25 May 2018

New GDPR (General Data Protection Regulation) legislation will come into force on 25 May 2018. The University is addressing some of the new requirements centrally but there are actions that every single member of staff has to take to ensure we are compliant: 

  • All staff members are expected to undertake mandatory Data Protection training every two years – failing to do so may result in access restrictions to University IT systems. The online Data Protection training course (Code TBF26) can be applied to via the Training Catalogue.
  • Every staff member is responsible for the University data in the form of files or documents they store either on their computer, email or as a physical copy in their offices, labs or even at home. 
  • The University is aiming to only retain emails in Outlook (or any other email client) for a maximum of three years. In preparation, you should delete anything you no longer need that is over three years old, especially if it contains Person Identifying Information (any information relating to an identified or identifiable person – this could include reference to their name, identification number, location/address, or other factors relating to their identity) in an attachment or the body of the email. If you find information that you do need to keep, please move them to appropriate storage such as a shared drive or SharePoint.
  • Staff members are also responsible for reporting any incidents to the University where personal data may have been compromised.

Please also see How to handle files and papers that we work with?