Introduction
This section covers those functions within the institution that provide access to information to the student body and both academic and administrative staff. These include libraries, computing services and information support services.
Such functions may be managed separately from each other, or in various combinations. These services routinely explain their facilities and the conditions of their use to students, staff and the general public, and it is information of this nature that is included within this section.
Information services inevitably hold large quantities of personal data that are exempt from general disclosure.
6.1 Availability and Conditions of Use of Facilities
Description:
Information in these classes provides details about who can access systems and services and the facilities that they can access. They also provide assurance for external bodies/individuals that rules exist to ensure that breaches of conditions of use are appropriately dealt with.
This class includes the following information:
- Opening hours of libraries, helpdesks, etc, scheduled maintenance times of systems
- Who is allowed to use the facilities (for example, categories of persons and their associated rights/levels of access).
The general rules and conditions of use (e.g. no smoking/drinking/eating, the existence of policies with regard to law such as copyright, computing code of practice, data protection).
- Some of the information may be covered in the student registration details or staff conditions of employment, but it will be necessary to advise how other categories are accepted as users (e.g. temporary staff, short course or conference use, ‘taster sessions’ etc.)
- There should be a pointer to other codes of conduct or rules external to the institution which may apply to the user (e.g. JANET acceptable use rules, Athens registration rules)
- Access to/use of Archives, including how far back in time information exists and if so to what extent it is available
- Details of logging, monitoring and procedures followed in case of breach of conditions of use should also be included here.
6.2 Mission Statements and Related Documents
Description:
This class should include information regarding the aims of the department in context of its place in the organisation, a definition of the service provided and, where appropriate, service level agreements.
6.3 Policies with Regard to Data and Information
Description:
Information in this class offers assurances to data subjects, whether they are individuals or companies that deal with the institution, that data relating to them is being handled well, minimising the risk of unauthorised access or disclosure.
Examples of the type of information in this class include:
-
- Security policies (i.e. how the data is protected). It could be argued that provision of information on this could risk a crime being committed, so it might be exempt or certain parts would not be published. (This is only really an issue where the security policy is explicit enough to include detailed description of implementation. Clearly disclosure of this sort of information could potentially lead to a crime under the Computer Misuse Act)
Data retention and archive policies (how long it is kept for, what happens to it after the need for it has passed, anonymising data to keep for statistics)
- Data protection statements/policies
- Policies on CCTV monitoring, RIPA etc
- Confidential Statement
6.4 Procurement and Disposal Policies
Description:
Information in this class offers assurances that monies are being appropriately spent and assurances that procurement is fair and open. The disposal policies also assure that the institution is making correct and appropriate use of funds.
6.5 Scope of Collections Held
Description:
This class includes the following information:
- Library Catalogue.