> Members may rember this discussion back in April on this year.
> Does anybody have an update please? Did the data get destroyed?
> Where there any problems? Etc... thanks Sally Justice
HEFCE have recently issued circular 11/01 with required
collection notices that they expect HEIs to include in
information to students and staff. They propose changing the
Financial Memorandum to make the use of these notices a specified
requirement.
I have raised a number of issues with HEFCE about the collection
notices because, to me, they seem to muddy the water as much as
they are supposed to clarify it. For example, there is no mention
of sensitive data despite the fact that HEFCE require some
sensitive data.
The bottom line is that the Higher Education Act 1992 gives HEFCE
the power to request any information it wants so any request for
data is on the basis that it is a legal requirement.
The problem with HESA is that it is not, I understand, a
statutory body but a data processor for HEFCE. I am not yet
convinced (because neither HEFCE nor HESA have told me despite
asking) that there is in existence a written contract between
HEFCE and HESA that contains the required data protection items
to enable HESA to process personal data.
Has anyone else considered the "HESA Collection Notices" and
formed a view about them?
John Hitches
J F Hitches
Data Protection Officer and
Information Security Officer
Kingston University
River House
53-57 High Street, Kingston upon Thames
Surrey, KT1 1LQ
Telephone/Fax: 020 8547 7768
E-mail: [log in to unmask]
The views expressed are those of the individual and
not necessarily those of the university.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|