Accessibility statement

Data security 

The General Data Protection Regulation (GDPR) requires us to keep personal data secure. The Regulation itself states Personal Data must be:

Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Source: Article 5(1)(f), GDPR.

The University sets out its approach to data security in its Information Security Policy. Other associated security policies can be accessed via the University’s Information Policy Index.

For additional guidance on:

• Recognising spam and phishing emails;
• Virus and malware protection;
• File security;
• PC and device disposal;
• Password management;
• Two-factor authentication;
• Safe use of University information on devices;
• Encryption;
• Protecting confidential data.

see IT security's guidance. For further information, contact Library and IT Help Desk.

For guidance on keeping paper records secure, see the University’s Records Management resources