TopicFullPage Secretariat:
home>Skip Navigation LinksSecretariat > Privacy Notices > Disclosures

Breaches, Disclosures and Confidentiality

Personal data should not be provided to a third party except in specific circumstances and with the prior approval of the Compliance Team. In the event of a data breach of any kind where personal data has, or has the potential to be accessible to third parties, an incident report should be made to:

  1. ISS Staff Helpdesk
    As soon as detected, providing any details known at the time.
  2. Compliance Team
    Without delay, following reporting to ISS.
ISS will work to secure data from further loss where possible. ISS and Compliance will work together with the individual/ department reporting the data breach to investigate the breach and to take appropriate remedial action.


Data Protection considerations should not limit or stop the transmission of student data between University staff on an operational basis. However, disclosures of information further afield - e.g. to external enquirers (such as parents, local government, the Police etc) are potentially very risky.

In nearly all cases where requests for a student's personal information are received from an external individual or organisation you should not comply with the request, nor even confirm or deny the presence of the student who is the subject of the enquiry. All such enquiries should be referred to the Compliance Team.

This page was last edited on: 2/3/2014 11:35 AM