Toggle

Data Protection & Information Security Policies

  • Print
Last Updated on Wednesday, 13 May 2015 11:17

Introduction

Disabled Students Allowances Quality Assurance Group (DSA-QAG) needs to collect and maintain certain personal data about individuals in order to carry on its business and meet its requirements effectively. We recognise that the lawful and correct treatment is very important to successful operations.

Personal data that DSA-QAG holds may require information about: current, past and prospective employees, members, auditors, assessment centres, suppliers and others with whom it has dealings with. This personal data, whether it is held on paper, on computer or other media, will be subject to the appropriate legal safeguards as specified in the Data Protection Act 1998.

Data Protection Principles

DSA-QAG fully endorses and adheres to the eight principles of the Data Protection Act.

These principles specify that personal data must be:

  • processed fairly and lawfully
  • collated for a specified and lawful purpose and shall not be processed in any manner incompatible with that purpose;
  • adequate, relevant and not excessive;
  • accurate and kept up to date;
  • not kept for longer than is necessary;
  • processed in line with the data subject’s rights;
  • kept secure from unauthorised or unlawful access;
  • not transferred to a country or territory which does not have adequate data protection laws.

To Meet Requirements

DSA-QAG will:

  • observe fully the conditions regarding the fair collection and use of personal data;
  • meet its obligations to specify the purposes for which personal data is used;
  • collect and process appropriate personal data only to the extent that it is needed to fulfill operational or any legal requirements;
  • ensure the quality of personal data used;
  • apply strict checks to determine the length of time personal data is held;
  • ensure that the rights of individuals about whom the personal data is held, can be fully exercised under the Act;
  • take the appropriate technical and organisational security measures to safeguard personal data;
  • and ensure that personal data is not transferred abroad without suitable safeguards.

Subject Access

All individuals who are the subject of personal data held by DSA-QAG are entitled to:

  • Enquire what information the Group holds about them and for what purpose
  • Ask how its records can be accessed
  • Be informed how to update them
  • Be informed what actions DSA-QAG is taking to comply with its obligations under the 1998 Data Protection Act.

Employee Responsibilities

All employees are responsible for:

  • making sure that any personal data that they provide to DSA-QAG is accurate and up to date
  • providing DSA-QAG of any changes to information which they have supplied, e.g. changes of address
  • checking any information that DSA-QAG may send out, giving details of information that is being kept and processed.

Data Security

The need to ensure that data is kept securely means that precautions must be taken against physical loss or damage, and that both access and disclosure must be restricted.

All staff are responsible for ensuring that:

  • Any personal data which they hold is kept securely
  • Personal information is not disclosed

Rights to Access Information

Employees and other subjects of personal data held by DSA-QAG have the right to access any personal data that is being kept about them.

Any person who wishes to exercise this right should make the request in writing to Karen Docherty, Chief Executive, Central Administration Unit, 151 West George Street, Glasgow, G2 2JJ.

If personal details are inaccurate, they can be amended upon request made in writing to Karen Docherty, Chief Executive.

Publication of DSA-QAG Information

Information that is already in the public domain is exempt from the 1998 Act. This would include, for example, information on individuals acting as point of contact contained in the databases published on the DSA-QAG website.

Subject Consent

When we collect any personal data from you, we will inform you why we are collecting your data and what we intend to use it for.

Information Security Policy

Please find below the DSA-QAG Information Security Policy:

icon DSA-QAG Information Security Policy v1.0 (140.61 kB)

About Us