Enterprise Architecture

Data confidentiality and governance

The University protects restricted and confidential data, giving access only to those people who need it.

Data governance

Data governance is the system of decision rights and accountabilities for managing the quality, availability, documentation and security of an organisation's data assets.

The University's Data Governance Group brings together a range of professionals working on aspects of data governance, to share experience and make recommendations for improving data governance policies and procedures.

Data Governance Group (UoE SharePoint site- access required)

Data stewards

Three levels of data confidentiality

All administrative data is classified as either unrestricted, restricted, or confidential. 

Unrestrictricted data is available for anyone in the world to read. 

Restricted data is limited to people who need the data as part of their work. 

Confidential data imposes extra controls and is only available to a small number of relevant members of staff.

Personal information

The University maintains a record of all personal data, in compliance with data protection priniciples and law.  The Data Protection Officer oversees a comprehensive register of all personal information stored by the University. Privacy statements clearly explain the reasons and uses for storing personal information.

Most personal information is classifed as restricted.  Sensitive personal information, which includes information such as race, sexuality and religion, is classified as confidential.

University of Edinburgh data protection policy and guidance

Retention periods & anonymisation

The University has to hold some data for set periods in order to satisfy legal requirements; some other data has to be deleted to meet other legal requirements. These retention periods are defined on the Records Managment web pages.

The University also keeps some data for statistical and reporting purposes.  Any personal information in this data is carefully anonymised before it is presented to users, In order to protect personal details.

University retention schedules

Information Security

The University's Information Security service provides guidance on a wide range of security issues.  

It also looks after the University's Information Security policy and associated standards.

Information Security