Data Protection by Design
Processing of personal data associated with Department research project is subject to the University Data Protection by Design review process.
This review helps to confirm that adequate privacy and security safeguards are in place before the Department undertakes data processing for a given research project.
It also confirms that any third parties which will process data on behalf of the Department are reviewed in advance to meet applicable security requirements.
This review process involves a screening to identify the risk associated with a given project’s planned processing and, based on that outcome, further review within the Department and/or the University Information Compliance team (ICT).
For more information about this process, refer to the ICT site below and the Department DPD policy in PRISMS IG:
To confirm University preferred suppliers and InfoSec security reviews: