BU has guidance on keeping you and BU safe and other useful guidance and policies on protection against unauthorised recording, access, use, disclosure, modification, loss or destruction of information. If you intend to use mobile devices – please refer to the Mobile Device Security Guide (staff version) or Mobile Device Security Guide (student version).
The Data Protection Legislation comprises the EU General Data Protection Regulation and the UK Data Protection Act 2018. It sets out the circumstances in which, or purposes for which, personal data can be processed and the safeguards which must be applied to such processing. To keep up to date on latest developments, BU have provided a number of online training resources.
Recognise a data breach – A data breach is a security incident in which information is accessed without authorisation. If you’re ever concerned about a potential data breach at BU, it’s important to call the IT Service Desk as quickly as possible on 01202 965515 (option 1). See Policy for more details.
If you’re collecting data outside of the UK, you need to be aware of restrictions regarding the transfer of data to and from the UK. To help navigate this complicated area of law, there is a useful website https://www.dlapiperdataprotection.com (made available from DLA Piper) which compares data protection laws from around the world; for the transfer of data please click on the tab ‘Transfer’.
- Research Ethics Code of Practice
- Data Protection at BU – link to guidance and BU policies (including how to report a data breach (this includes ‘near misses’)). See article “Are you embedding GDPR“.
- Research Data Mangement
- Mobile Computing Policy
- Information Security Policy
- Mobile Device Security Guide (Staff)
- Mobile Device Security Guide (Student)
- Information Classification Policy (see Appendix A: Handling Methods based in Information Classification; Appendix B: Handling Methods based on Type and Storage Methods including Online Collaborative Spaces and Cloud Storage, Email and Transfer, Saving and Storing Files and Storing Paper Records). Information to note, particularly if you are collecting personal data as part of your research data collection activities.
Useful links on the anonymisation of data and the use of anonymised data:
- Guidance from the UK Data Service:
- Guidance from the Information Commissioner’s Office:
Research Data Management (RDM)
BU aims to make our research data as openly accessible as possible. Data will be registered and discoverable via BORDaR, BU’s research data repository. To find our more, please visit our website or if you have any queries, please contact the RDM team by email to firstname.lastname@example.org.
- UKRI GDPR and Research – An Overview for Researchers. Compiled with the support of the Information Commissioner’s Office, the UKRI have provided a GDPR overview for researchers, which sets out guidance and signposts to further sources of information.