|
CTO |
Rule
Data Protection and Compliance with the AGS
The School processes personal information to support its core functions, including teaching, administration, and compliance with legal obligations. This includes data related to applicants, students, employees, alumni, supporters, partners, suppliers, and research participants.
The School is committed to transparency and accessibility while ensuring efficiency, legality, security, and confidentiality in handling personal data. The Data Protection Policy aligns with the Data Protection Act 2018 (DPA), aiming to minimise risks of breaches, which could lead to harm, reputational damage, financial penalties, or investigations by the Information Commissioner.
The AGS supports the School in meeting its data protection obligations by processing and storing data according to the DPA principles: lawfulness, fairness, transparency, and legitimate purpose. The AGS ensures secure data handling, accountability, and proper data stewardship. It supports lawful data processing, including fulfilling contractual obligations, and upholds data subjects' rights, including access to their data.
The CTO, a member of the Executive Committee and Senior Information Risk Owner (SIRO), oversees the AGS, working closely with the School's Data Protection Officer.
This rule ensures compliance with data protection legislation and promotes efficient, secure, and transparent handling of personal data. By using the AGS, the School effectively manages data in line with legal requirements, reducing the risk of breaches and supporting data subject rights.
|
|