No flash message
Some of the content and features delivered by this site requires JavaScript to be enabled in your browser
Wednesday 26 July
My.Anglia > Staff > Sec clerk > Data Protection

Data Protection

The Data Protection Act 1998 governs, through a set of principles, the collection, processing and disposal of data held about individuals and the rights of individuals to access this data. 

Anglia Ruskin University is legally obliged to adhere to the eight principles of the Data Protection Act 1998 in the handling of data.  These are summarised below:-

  1. Personal data must be processed fairly and lawfully.
  2. Personal data must be obtained only for specified and limited purposes and should not be processed further for incompatible purposes.
  3. Personal data should be adequate, relevant and not excessive in relation to the purposes for which they were processed.
  4. Personal data should be accurate and, where necessary, kept up to date.
  5. Personal data should not be held longer than necessary.
  6. Personal data should be processed in accordance with the rights of individuals (data subjects).
  7. Appropriate technical and organisational measures should be taken against unauthorised processing of, loss of, or damage to, personal data. 
  8. Personal data should not be transferred to countries outside the EEA which lack adequate protection for data subjects’ rights. 

All staff and students of Anglia Ruskin University must comply with these principles when handling data.  Outside agencies handling data on our behalf must also comply.  Please refer to our Data Protection Policy for more information. 

All data held in relevant and structured filing systems are covered, both in electronic and manual formats. 

Compliance with the Data Protection Act 1998 is co-ordinated by Jackie Barlow - the University Records Manager. On these pages, you will find guidance on how to ensure compliance with data protection law.

Our Data Protection Policy was reviewed by the Information Management Advisory Group (IMAG) in 2015. To access the policy please click here.

Our Telephone Protocol for the Disclosure of Personal Data statement was approved in January 2016 by the Information Management Advisory Group (IMAG). To access the statement please click here.

Anglia Ruskin University provides a mandatory online Information Security and Data Protection course to members of staff. Members of staff should contact Human Resources ( to complete the course. The course should be completed every three years.