The College is working on some of the new requirements centrally but there are also some things that every member of staff has to do too.
- The College should not be retaining personal data unnecessarily and must keep only the personal information it needs to keep.
- All staff members are responsible for the files they store either on their computer, email or as a physical copy in their office or at home. These files must be kept securely, preferably encrypted or on encrypted devices, or in locked cupboards or drawers.
- Check your desk and cupboards for physical copies of files that contain personal data. Personal data should only be kept if there is a legitimate reason for doing so, and only for a limited period of time.
Data Protection Policy.
- Papers which contain personal data should be shredded or destroyed as confidential waste. There should be a shredder in every faculty office.
- Check Outlook for emails containing personal data. Check if you need to keep it or whether it should be deleted. If there is a legitimate reason for keeping it move it to a separate email folder, or archive folder, or a password protected folder on Z drive, so that it is easier to find and delete in the future.
- Refer to the retention schedule for how long you can keep data for.