The University of St Andrews is legally obliged to comply with the provisions of the Data Protection Act 1998.
The University’s policy, and guidance for staff, are available here: http://www.st-andrews.ac.uk/staff/policy/DataProtection/
This guidance can only be general, however - if in doubt, please contact your School or Unit’s Data Protection Liaison Officer. (A list is available on the Data Protection web pages.) If you need advice on a specific issue please contact the University’s Data Protection Co-ordinator, Alison Aiton [tel 3528, email dataprot@st-and.ac.uk]
Please bear in mind that any formal request for personal data you receive, especially if it quotes the Data Protection Act, must be referred to the Data Protection Co-ordinator.
All new staff have to be made aware of the Student Confidentiality code and it’s implications.
The code outlines the type of information the University holds about its students, and how staff should handle it.
The code can be found here: http://www.st-andrews.ac.uk/students/rules/dataprotection/studentconfidentialitycode/