ScHARR Information Governance


Policy Section 1: IG training and compliance

Version 17/03/31

Background

Each member of ScHARR, whether or not they carry out research, is likely to come into contact with the risk-bearing data. Each member of ScHARR will be provided with appropriate IG training which they must complete to register their compliance.

The IG Committee will be responsible for the oversight of training needs with annual review to determine the overall scope and shape of that training.

Each member of ScHARR is required to repeat standard training at least every two years to ensure they are aware of any updated policies and guidelines within ScHARR.


Policy

Training and support

Each member of ScHARR must complete the mandated IG training as advised by the ScHARR IG Committee. This includes both the University-wide training and the ScHARR-specific training module . Where third party workers have access to risk-bearing data under the control of the UoS that is not covered by a separate agreement (see Section 8) they must also complete the required training.

The ScHARR IG Committee will maintain a register of IG training completed by members of ScHARR.

Policy enforcement

Failure to carry out appropriate IG training will prevent access being granted to shared data storage.

Each member of ScHARR should be aware that failure to abide by ScHARR’s IG policies may result in disciplinary action being taken against them. Repeated or persistent infractions should be referred by the relevant Section IG Lead to the individual’s line manager or Supervisor for action. Escalation to more senior management will occur should there be continued failure to comply with the School’s IG policies.

Section 2: Information assets management