I think the problem is one port is bidirectional and has to be opened both ways - so you can read data but not send it or the other way around.
Basically this is a common problem with many institutions - not just HE ones in the UK and globally. Unfortunately it is a cultural one and, as other posters have pointed out, requires quite a lot of soft skills approach rather than a technical one.
The best strategy is to try and profile the organisational structure of where the data is going, who is responsible for the "gatekeeping" and who is responsible of the policy around that.
You will probably find that people will want a guarantee of responsibility on your dept's part if anything were to go wrong. That is often enough but finding and unlocking that mechanism can often be a dark art ;)
Good luck,
Leon Cych
(http://www.supareal.com - we build and foster community)