Data Protection
The Data Protection Act 2018 controls how your personal information is used by organisations, businesses or governments and is the UK's implementation of the General Data Protection Regualtion (GDPR). Everyone responsible for using personal data has to follow strict rules called 'data protection principles' and there is stronger legal protection for more sensitive information. Under the Data Protection Act 2018 individuals have the right to find out what information the goverment and other organisations store about them. More in depth information can be found on the Government website.
Cambridge University's Privacy Policy explains in detail how and why the University collects and uses personal information. Please also see Cambridge University Data Protection overview of topics and links to sources of further information, which includes core privacy notices.
Information Comissioner's Office Guide to the UK GDPR.
All staff using personal data in some way in their role must complete the University's Data Protection Training: Online Course once every two years.
Important University data protection resources for staff:
- the Data Protection Policy
- the Data Protection Quick Guide
- the information about how to report a personal data breach
Specialist guidance for specific types of departmental staff (as applicable)
- the guidance on academic research and personal data for researchers.
- the guidance on data protection by design and Data Protection Impact Assessments for IT and/or project staff.
- the guidance on data sharing for those involved in any purchasing/outsourcing decisions.
Departmental contacts for data protection are Marita Walsh and Howard Jones.