On 25 May 2018 the UK's data protection law changed. The Data Protection Act 2018, and the General Data Protection Regulation (GDPR) are now in force.
The new law gives the University obligations and responsibilities in the way it handles personal information. It enhances people's rights, and those who gather and use personal data on behalf of the University must follow the data protection principles.
For specific information on how the University uses personal data, see our privacy notices. Your Rights explains how the law helps you to protect your privacy. For further information, see our online training (for staff and research students) or come along to a drop-in session.
If you have any specific queries about data protection at UEA, please contact the University's Information Compliance team at firstname.lastname@example.org or by telephone on +44 (0)1603 59 2431.
The University's Data Protection Officer is Ellen Paterson. Data Protection Officers have a range of responsibilities under the GDPR, outlined in this guidance from the Information Commissioner's Office. You can reach Ellen using the email address and phone number above.
The University also has a network of data protection contacts, covering all departments and Schools. If you're a member of UEA staff and don't know who your contact is, email email@example.com.
The Data Protection Policy sets out how personal data will be managed by the University.
The following University policies also contain statements and requirements on how we process personal data, and include actions for all staff.
If you are a member of UEA staff or PGR student you can now complete online GDPR training. Go to Blackboard and you'll find a link to the training under 'My Organisations'.
Training completion will be monitored and reports shared with managers on a regular basis.
June 2018: The ICO's series of myth-busting blogs turns to the issue of consent, and why all those emails that flooded your inbox last month weren't always correct
The Information Compliance team are running regular lunchtime briefings and Q&A sessions to help staff understand the requirements of the new law.
No booking is required, and the team will be on hand to answer your data protection questions.
Time: 12-1pm (briefing will take around 30 mins from 12pm)
Location: Registry, Committee Room 1
11 July (Briefing plus Q&A)
09 August (Q&A)
13 September (Briefing plus Q&A)