Information Governance Specialist Toolkit

IG Specialist include the Data Protection Officer (for data protection issues), the Information Security Manager (for information security issues) and Information Governance Champions.

If this is you, you will need more in-depth knowledge of information governance and data protection issues and are able to support colleagues within your areas with IG/DP queries and tasks.

Make this your homepage to keep up-to-date with all the relvant information you'll need.

Latest Updates....

25/5/18 - GDPR GO LIVE!! Also the Data Protection Act 2018 comes into effect (it received Royal Assent on Wed 23/5/18) -

8/5/18 - The ICO have published their guidance on Data Protection Impact Assessments (DPIA) -

1/4/18 - For full guidance of how everyone should handle data (including personal data) see the Data Classification document

18/4/18 - ICO have published a useful 'Lawful basis interactive guidance tool' (Conditions for Processing) at:

NOTE - this tool only covers normal (non-sensitive) personal data.


IG Champion Training can be provided as required, please contact Anne-Marie Long ( for details.

Training materials are also avaialble on the IG Champions Google Team Drive

Data Protection Officer

The Data Protection Officer role is a mandatory one for a public body like Keele (under GDPR). 

The GDPR defines the DPO role as the person who will:

  • Inform and advise the organisation and its employees of their data protection obligations under the GDPR.
  • Monitor the organisation’s compliance with the GDPR and internal data protection policies and procedures. This will include monitoring the assignment of responsibilities, awareness training, and training of staff involved in processing operations and related audits.
  • Advise on the necessity of data protection impact assessments (DPIAs), the manner of their implementation and outcomes.
  • Serve as the contact point to the Information Commissioner for all data protection issues, including data breach reporting.
  • Serve as the contact point for individuals (data subjects) on privacy matters, including subject access requests.

Keele's DPO is Anne-Marie Long.

The DPO Office also deals with all data subject rights requests and Freedom of Information Requests. 

Lauren Adams manages these aspects and assist with the DPO role

IG Champion

The IG Champions role includes:

  • To act as Directorate/Faculty/School central contact for all Information Governance (GDPR) queries from Directorate / Faculty staff (or students) – initially around asset register completion and actions, but subsequently as ongoing Directorate / Faculty / School Information Governance ‘guru’
  • Liaise regularly with their respective Information Asset Owners (IAO) (respective Deans / Directors) to assist the IAO in thier reports to UEC
  • Act as local communication channel for Information Governance communications from Central Support Team and/or the IAO


  • Short term – Review Directorate/Faculty/School Information Asset Register (and Data Maps) with central support to develop immediate GDPR compliance task list.
  • Short term – Manage asset register task list with local Asset Managers (e.g. develop new Privacy Notices. Giving guidance on development of Privacy Notices (transparency), requirements for Data Sharing arrangements (contracts with appropriate central support); any issue around re-acquiring adequate consent (if necessary); determining Retention schedule. Central Support Team to ensure suitable reference/tools/examples and other support is provided as required
  • Medium term - Support process of developing key data asset ‘Data Handling Policies’ supporting the relevant Information Asset Owners e.g. the generic Data Handling Policy for Employee data or Student Data etc

Information Security Manager

To be consulted for all information security issues


Keele's Information Security Manager is Simon Clements