The role of the IC reflects the growing emphasis on data protection and information security.
Who is my Information Custodian?
eVision College Records Access Levels: Guidance for ICs [updated 27 January 2021]
Please see the College Records Access Levels (PDF) document for guidance on the current access levels.
As an Information Custodian (IC), or deputy IC, it is up to you to ensure that individuals with access to your data are thoroughly reviewed and that access is granted only to the appropriate people and is pertinent to that person’s job role. Please do spare some time to check that access provision continues to be relevant and is maintained throughout the year.
Mailing List Policy
As an active eVision user you will automatically be included in the mailing lists and membership of these mailing lists is mandatory. Further information.
Due to the nature of the responsibilities associated with this role, it is expected that the Information Custodian will be a senior member of the administration of the organisational unit, such as Senior Tutor, Department Administrator, Head of Central section; or someone nominated by them to take on the role.
The key responsibilities of an Information Custodian:
- Ensure that student systems access requests from individuals are thoroughly reviewed, and access is granted only to the appropriate people and is pertinent to that person’s job role.
- Assess and agree the training needs of individuals, and ensure they attend mandatory training where required.
- Ensure that users are made aware of training and support materials which are appropriate for their level of access and job role.
- Ensure that access to sensitive data, such as emergency contacts and alternative arrangements, is only granted to appropriate individuals, and that those individuals are aware of the sensitivity of such information.
- Ensure that staff changes are dealt with in a timely fashion, such as updating access when a person no longer has a legitimate requirement to access their unit's student systems data.
- Regularly review access to their data to ensure it is appropriate.
- Be the owner of the annual password(s) for encrypted files from the Academic Administration Division, and liaise with the Student Systems Support Centre when this password has been compromised.
Data Management responsibilities of an Information Custodian:
- Ensure that within their affiliation student systems data is managed, reviewed and maintained in accordance with the Information Security Policy.
- Ensure that within their affiliation student systems process and guidance is adopted and enacted.
- Whilst the individual user will be accountable for their use of the system, for operating within data protection requirements, for attending training and ensuring they remain up-to-date with changes to the system, process and policy; the Information Custodian will take an overview of all such matters for their affiliation.
- Act as an escalation point for data management and access issues and breaches within their affiliation.
- Keep abreast of data protection and information security issues.