NDCN is committed to good information governance, and all members of our departmental community are expected to adhere to best practices in data security and privacy, as outlined in the University Information Security Policy and Medical Sciences Division Information Governance Policy. Each individual is responsible for understanding and acting on their information governance responsibilities, and we are here to help.
As part of compliance with UK data protection legislation (GDPR), everyone is required to complete the mandatory Information Security and Data Privacy Awareness training course annually.
Each individual also has a responsibility to report any suspected data breaches. If you are unsure whether or not a breach occurred, you should report it anyway – the Information Security team decides if a breach has occurred. Reporting possible breaches helps identify ways to improve practices and safeguard against further harm, as well as honouring our legal obligations, and we encourage all members of the NDCN community to engage with the reporting process. The Information Security team has more information about reporting a breach.
The University has many other online resources to help guide you:
- The Information Security website connects you with guidance, policy, and information security services.
- The Research Data Oxford website provides guidance on research data management, storage, and sharing.
- The Medical Sciences Division links to key University policies, a section on Information Security FAQs and links to additional University IT security resources.