Data Protection Policy
I. Purpose
This policy is enforced to ensure the protection and confidentiality of the College’s information and access to technology. The following policy outlines the standards that the College holds when concerning their data governance, management and protection procedures that must be adopted and followed by all staff. All users of information of the college are responsible for following the standards outlined in this policy.II. Principles
- The College must effectively and diligently manage the threat of cyber security attacks to individuals by identifying, assessing and managing with an appropriate risk plan.
- The quality of data must be maintained to a high standard in order to ensure accurate reporting and governance across the College.
- All staff and students who manage private or corporate data on behalf of the College are held accountable against this policy.
- External providers must comply with the policy document and uphold the standards outlined.
- The College will maintain secure information systems, endorsing the link between data governance and systems governance.
III. Data Use and Ownership
- Corporate information must be maintained in a secure, reliable and efficient manner such that its accessibility is restricted to those who have granted access to its viewing.
- Storage and control frameworks for all corporate data must be comprehended and communicated in accordance with the privacy policy.
- Disclosure of corporate data for research must be authorised and approved by the College following ethical standards.
- Members of the College executive are responsible for assigning data stewards for agreed data systems, resolving any issues with security or data breaches
- The College must prioritise the protection and improvement of the management of data.