A question has arisen at Kingston about the information recorded
by security staff on incident forms and the way in which this is
used within the University. The main areas where the situation
arises are in relation to students living in halls.
A complication is that our security service is provided by staff
of a wholly owned subsidiary service company of the University.
Security staff attending an incident and recording events
sometimes get given information which falls into the sensitive
data definitions. For example, mental or other health problems,
sexual abuse etc.. The security guards may record some or all of
this on an incident form. Historically a copy of this form has
been passed to other departments - our Student Life Office and/or
Health and Counselling.
A recent case rightly raised questions about whether such
transfer of data is appropriate. As a result we have changed some
practices and are considering the wider implications.
Question arise about whether a transfer of data to health and
counselling can be considered as being in the vital interests of
the student - in the case of a potential suicide it may be but
what of other situations? Until now H & C have used the data to
make contact with the student to offer support or advice.
Student life Office use the data in investigations as to whether
or not a breach of University regulations (primarily hall licence
terms) has taken place. The information may provide mitigation
for an incident.
Have others considered similar situations and, if so, have you
come to any particular conclusions or changed practices as a
result?
As the security service is provided by a subsidiary should we
make clear that, in this sort of case, they are acting as our
agents and processing the data on our behalf? If not, there is
the question of data being transferred by them to us.
Thoughts or experiences would be useful.
John Hitches
J F Hitches
Data Protection Officer and
Information Security Officer
Kingston University
River House
53-57 High Street, Kingston upon Thames
Surrey, KT1 1LQ
Telephone/Fax: 020 8547 7768
E-mail: [log in to unmask]
The views expressed are those of the individual and
not necessarily those of the university.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
