Internal, open access

Information Compliance Policies

Filing cabinet

Information Framework (PDF-132KB) 

This framework lays out the principles that guide the development of University policies and procedures on information, especially those listed in the Quick Guide to University Policies (PDF-108KB)

University Records Management Policy (PDF-131KB)

For all staff, including any third parties conducting business on behalf of the University, to observe when managing  University records.

Freedom of Information and Environmental Information Regulations Policy (PDF-121KB)

For all staff and members of the University, to ensure compliance with the "access to information regimes", Freedom of Information Act (FOIA) 2000 and Environmental Information Regulations 2004 (EIRs).

Data Protection Policy (PDF-35MB)

For all staff, students and others who may process personal data on behalf of the University to observe to ensure that they are in accordance with the Data Protection Act 2018.

Copyright Policy (PDF-95KB)

For members of staff, students and others who are working for, or on behalf of, the University to give guidance on the lawful use or copying of third party materials.

Regulations for the use of University IT and Systems

For all users of the Information Technology (IT) facilities provided by the University, connected to the University's network or used on the University's premises.

IT Equipment Disposal Policy (PDF-176KB)

For all staff, students and anyone who uses IT equipment.

Information Security Policy (PDF-114KB)

For all staff, students and others who process information, particularly sensitive information, on behalf of the University to observe in order that all information they use is handled appropriately. It has a number of sub-policies:

For anyone who uses or accesses University systems or information remotely to ensure that they work in accordance with the University's information compliance policies.

For anyone who processes sensitive information off campus or on external networks on behalf of the University.

For anyone using a personally owned device for work purposes.

For anyone that handles University information.

This policy applies to anyone using the Communications Networks under the control of the University of Reading.

For IT staff involved in systems operations.

This is for IT staff involved in software management.

This is for IT staff involved in systems management.

      For IT staff involved in systems planning.

For reporting suspected or known compromises of University Data                

To be read in conjunction with:

       Information Security Incident Response Procedures (PDF 354KB)

       Information Security Incident Reporting Form (Word 1.1MB)

Staff in the IMPS office are available for guidance so please contact us if you require further information or advice regarding aspects of information compliance.

Things to do now

Contact IMPS

Report an

Find out if you need to do a DPIA here:

Page navigation


Search Form

A-Z lists