Section 25: Data Protection
Information on how UCL uses student information, for what purposes, and the steps taken to safeguard this information; where to find information security, intellectual property and email policies; Information on how to enquire or make a related complaint (Centrally Provided.)
25.1.How UCL uses student data
UCL uses student information for a range of purposes connected with their studies, health and safety. UCL takes the protection of student information very seriously and complies with the Data Protection Act (DPA) 1988. Information about students will only be shared within UCL when necessary. UCL may also be required by law to share information with some external agencies for a variety of purposes, such as the Students’ Union, the Higher Education Statistics Agency and UK Visas and Immigration. After students leave UCL their data is retained in the permanent archives.
- UCL General Student Privacy Notice (Annex 1.2.2)
- UCL Confidential Information Statement (Annex 1.2.1)
- UCL Information Security Policies
- UCL Privacy
- Data Protection
25.2.Storing and securing data
Students are strongly encouraged to save their work on UCL’s file stores, which are backed-up regularly. Storage space is finite, however students can request additional storage space from the Technical Support Group, for example where they are required to produce assets with significant file size.
Where students save work to their own devices, they should ensure their files are appropriately backed up to protect against data loss (which is not usually an acceptable grounds for Extenuating Circumstances.) The UCL Drobox service (www.ucl.ac.uk/dropbox) may be used to securely exchange files that may be too large for email or other services.
If students need to store or exchange sensitive data then this should be appropriately encrypted. Where data is encrypted, the encryption key should be securely backed up to avoid data loss.