Close
Practical guidance for all staff, students and researchers on handling personal data and special categories personal data in accordance with data protection legislation.
Background information:
Please ensure you have understood data protection at UCL and how to recognise the difference between personal data and special categories personal data:
For all staff, students and researchers at UCL
What you need to know
Everyday best practices
By topic
Handling personal data
- Data protection impact assessment
- Retention schedule
- Handling sensitive, personal & 'special category' information
- De-identifying personal data (anonymisation and pseudonymisation)
- Direct marketing at UCL
- Students processing personal data oveseas [pdf]
Legal
Collaboration
- International data transfer
- Transfers of personal data outside the EEA
- Privacy notices
- Unilateral confidentiality agreement [docx, template]
- Sharing data with third parties in a research context [pdf]
- Template Agreement for the Sharing of Anonymised Data with UCL in relation to a Research Project 2022 [docx]
Security
- Reporting a security data breach
- Security guidance: e-mail, antivirus, LastPass, training
- Encryption guidance
Researchers and research staff
- Transparency and privacy notices for clinical research
- Guidance for researchers on appropriate safeguards
- Guidance for supervisors on data protection where students are processing personal data
- Guidance for researchers: implications of GDPR and DPA 2018
- Research with children: guidance on data protection issues