Records Management

Five key points

The five key points every member of staff needs to know.

To meet your data protection obligations, remember:

  1. When collecting personal data provide a privacy notice detailing how data are used, with whom they are shared, and the retention period;
  2. If someone asks to see information the University holds about them or queries our use of information about them, contact your local information practitioner as soon as possible;
  3. Keep personal data securely, e.g. use strong passwords, encrypt data not held on University networks, and ensure you send emails to the correct recipient;
  4. Always do a privacy impact assessment when you plan a new project or review an existing process so privacy requirements can be met by design;
  5. Do not keep personal data longer than necessary; refer to the relevant retention schedule.