Guidance on handling sensitive data.

02 Mar 2009

Important advice on keeping sensitive information secure.

New guidance on handling sensitive data at work is being issued to staff by IT Services.

In the light of increased concerns nationally about the security of sensitive information, the large amounts of sensitive data handled by the University (including staff and student records, NHS records and research) as well as the increasing capacity of small devices to hold vast quantities of data, the University has reviewed, updated and, in some cases, introduced new IT Security policies – these can be viewed at the weblink below.

To accompany and support the new policies, practical advice and guidance has been produced for all staff on data handling, sensitive data and encryption tools and is available online at:

•  Secure IT Guidance

Mike Vale of IT Services said: "The purpose of the information systems security policies and data handling guidance is not to constrain people working, but to enable them to work securely without putting themselves or the University at risk of disclosing sensitive data.

"This is fully in line with other large organisations. Colleagues who work with other organizations such as the NHS Trusts already have to comply with NHS guidelines on IT security including the use of encryption tools.

"Increasingly as a public body the University will need to be able to demonstrate it is complying with relevant data handling legislation including the Data Protection Act and the Freedom of Information Act."

Download this leaflet:

• Guide to data handling (PDF, 531 KB)