Tel: +44 (0) 1524 592140 Fax: +44 (0) 1524 594294
Menu
Main Menu
For LU Staff:
Data Protection
Lancaster University is registered as a data controller under the terms of the Data Protection Act, 1998. Our registration number is Z6328653, and details of our registration can be viewed by entering this code into the search engine at the Office of the Information Commissioner.
The University is committed to compliance with the requirements of the Data Protection Act, including the eight principles of good practice laid out in Schedule 1 of the Act. The University seeks in particular to ensure that all staff who process data are aware of their obligations in processing data, and that data subjects are made aware of the purposes for which the university processes their data, and of their rights as laid out in the Act (all students receive information on the way that the university uses their data via the relevant study handbooks).
Between 1999 and 2002 Lancaster University undertook HEFCE-funded research into the implications of Data Protection for the HE sector. The guidance produced is available for viewing and download at http://www.dpa.lancs.ac.uk/
The Data Protection Officer produces guidance on relevant issues of interest to university staff. These papers are available below.
| Data Protection Research Notes |  |
 |
| Legal Professional Privilege | |
|
| Minute Taking and Publication | |
|
| New Data Access Rights | |
|
Any questions relating to Data Protection should be addressed to Hazel Hardie, Data Protection Officer, Student Registry.
Confidentiality and disclosure
Data Protection considerations should not limit or stop the transmission of student data between staff on an operational, "need-to-know" basis. However, disclosures of information further afield - e.g. to external enquirers (such as parents, local government, the Police etc) are potentially very risky. In nearly all cases where requests for a student's personal information are received from external individual or organisation you should not comply with the request, nor even confirm or deny the presence of the student who is the subject of the enquiry. All such enquiries should be referred to the University Data Protection Officer.
Students' access rights
Students have the right to make a Subject Access Request, which allows them to see any personal data held about them by the university. The University will seek to respond fully to any such request by a student and there will be few, if any, instances in which the university will be able, or willing, to suppress information from a student's sight (maximum openness is at the core of the University's Data Protection policy).
This means that students have the right to see their formal records, such as their LUSI record and any registry or departmental files and, but will also, almost without exception, be able to gain access to other materials - such as comments on their exam scripts, the relevant minutes of examiners' meetings, emails concerning them etc etc.
Should you be approached by a student wishing to see particular information held, you may, if the request is easy to answer and relatively narrow in focus, answer it directly. However, if the request is more extensive (e.g. it would involve retrieving information form more than one department/section) or is unclear or controversial in any way, then it should be forwarded to the Data Protection Officer.
Search
| Past Students | LU Staff | External Examiners | Other Information |