Durham University is currently developing its Information Governance Framework, which will bring together the relevant policies, procedures and controls to ensure that information is managed in compliance with legislative, regulatory and contractual requirements whilst also enabling and supporting the delivery of institutional objectives and exploiting opportunities for business benefits: The Framework will include;
- Legislative, regulatory and contractual requirements, including Data Protection legislation, FOI Act, Privacy of Electronic Communications Regulations, NHS Digital’s Information Governance Toolkit, HEFCE requirements, research contracts
- Best practice, including ISO 27001 and ISO 15489
- Institutional Policies, including Data Protection Policy, Information Security Policy, Data Quality Policy
- Institutional hierarchy of information governance roles and responsibilities, including Senior Information Risk Owner, Data Protection Officer, Information Governance Manager, Information Security Manager, Information Owners/Stewards, Line Managers
- Information Governance Oversight Group
- Training and Awareness Programme
- Reporting and Assurance Framework.
Please click the links the left to access more information and guidance. A selection of shortcuts are also available below.