Skip to main content

Queries? Please contact

What to do if something goes wrong

Call 0300 555 0444

All incidents and breaches must be reported to SID

Please do not email SID, as the email may not be read for several days.

What constitutes a breach or an incident?

General Data Protection Regulation

General Data Protection Regulation

During 2018 a great deal of work was undertaken to get the University close to being compliant with the new data protection laws (GDPR and Data Protection Act 2018). This was a major piece of work, which required a high degree of effective team working across all colleges and services. Work to ensure ongoing compliance continues and Phase 2 of the GDPR project has commenced with the objective of ensuring the University can demonstrate ongoing compliance with GDPR requirements and have ways of working and processes in place that reduce the risk of reputational and financial damage to the University due to non-compliance or significant data breaches. Work is focused on the following areas:

  • Completion of outstanding activities from phase one of the project including reviewing the Information Asset Register and completion of the supporting action plans.
  • Ensuring staff awareness of their responsibilities and obligations under GDPR, including promotion of the mandatory Information Governance training that all staff need to complete by May 2019.
  • Implementing supporting arrangements resulting in reduced risk to individuals, impact to University reputation and reducing the risk of significant data breaches.

"GPDR is coming, and we all need to make sure we’re compliant with the law when it changes on 25 May. If you need any help or advice on keeping your information secure, check this website for advice. We all need to work together to make sure we’re ready for this change – remember that help and advice is on-hand if you find any problems or have any questions as we transition to the new law.”

Joint statement from the Registrar and Provost

What do I have to do?

All colleagues should familiarise themselves with the GPDR summary and GDPR principles, and raise awareness of the changes in your team. Find out more about what you need to do.  

What to do if something goes wrong

Information on how to report a data incident or breach, and what the differences are between the two.

Principles of GDPR

Understand the principles behind the General Data Protection Regulation.