Researchers are responsible for managing data appropriately, in order to protect the privacy and confidentiality of their participants but also, where applicable, to protect the interests of the public. 

All staff should familiarise themselves with the legal requirements of the General Data Protection Regulation (GDPR) by completing the mandatory e-learning programme available on the University's Learning Management System (staff login required).  

If the research project involves the use of personal or sensitive data, a Data Protection Impact Assessment (DPIA) should be completed and forwarded to the Information Governance Team (email: to provide expert advice on compliance with the General Data Protection Regulation.


If you wish to recommend any changes to the information above, please contact