All University web hosted services will be at risk of downtime every Tuesday between 7am to 9am.
There are some common roles used in Information Governance to provide assurance over the way in which information is governed and used, the following section provides an overview of the specific roles and responsibilities used in the University of Sunderland.
The DPO’s tasks are defined in Article 39 of the General Data Protection Regulations (GDPR) as:
It’s important to remember that the DPO’s tasks cover all personal data processing activities, not just those that require their appointment under Article 37(1).
When carrying out their tasks the DPO is required to take into account the risk associated with the processing you are undertaking. They must have regard to the nature, scope, context and purposes of the processing.
The DPO should prioritise and focus on the more risky activities, for example where special category data is being processed, or where the potential impact on individuals could be damaging. Therefore, DPOs should provide risk-based advice to your organisation.
If you decide not to follow the advice given by your DPO, you should document your reasons to help demonstrate your accountability.
The University of Sunderland's Data Protection Officer is Sam Seldon, Sam also fulfills the role of Information Governance Manager.
The SIRO's main responsibilities fall into 4 broad themes which are:
At the University of Sunderland IAOs are the Academic Deans and Directors of Service. As with the SIRO the responsibilities of the IAOs can be broken down into 4 main themes as follows:
It should be noted that whilst the IAOs are required to hold oversight of the areas noted above, they may delegate some responsibilities to individuals working within their Faculty or Service, these individuals will be Information Asset Administrators (IAAs).