This procedure sets out the requirements to dispose of materials that either contain sensitive data or information. It should be read with all other policies in this Quality Manual, particularly:
- Data Protection Policy
The Information Security Policy classifies information into two types: sensitive and non-sensitive.
We are committed to best practice in ensuring all sensitive data and information is disposed of securely. Sensitive information in relation to this policy includes but is not limited to:
- Course material:
- Lesson plans
- Scheme of work
- Training matrix
- Company policies and procedures,
- Data in relation to our stakeholders (employees, learners, contractors) including:
- Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs
- Health data
- Data concerning a person’s sex life or sexual orientation
- Personal details including signature, contact details (phone number, email address or business or residential addresses), signature
All staff have a responsibility to consider security when disposing of sensitive information/data in the course of their work. Individuals handling or processing any confidential material are personally responsible for ensuring the proper disposal of the information.
All wastepaper that contains sensitive information/date must be destroyed in a way which the information/data cannot be reconstituted, by shedding, pulping or incineration.