The purpose of the Data Protection Act 1998 (The Act) is to protect the individual rights and freedoms of persons especially their right to privacy with respect to the processing of personal data. Due to the nature of business at Ulster University it is required to hold and process, both electronically and manually, large amounts of personal data. The Act provides a framework to ensure that personal information processed and stored by the University whether in hard copy and electronic format is handled properly both on and off campus.
The Act works in two ways. Firstly, it states that anyone who processes personal information must comply with the eight principles contained within the Act. The second area covered by the Act provides a Data Subject with important rights, including the right to find out what personal information is held by a data controller on electronic and/or paper records.
Information relating to the implementation of Policy and Procedures for Data Protection at Ulster are listed below.
|Data Protection Policy||Third Party Processing Agreement|
|Retention and Disposal Scheme||Breach of Data Security - Report Form|
|Subject Access Request||CCTV Policy|
|Information Commissioner's Office|
Data Protection Guidance Notes