Academic Integrity in a Digital Age

In the previous sections we have discussed personal information and data protection with the issues raised by emerging technologies. We have also discussed about the information and communication technology issues in research. Let us now see the legal policies on data and its privacy protection.

Data Protection Act

The data protection act is a policy which gives the right of access to the data which Organization’s hold about an author and specifies how these data can be gathered, used and disseminated. The policy can explain how a user can request an access to any personal data which an Act holds about an author, including the form which should be used when submitting an access request. It further binds on all staff and students, and specifies the steps taken necessary to conform to the requirements of the data protection act. If someone is transferring personal data to a third party, who is going to process it, then a data processing agreement must be in place. This agreement should set out the terms of service between both parties, and an act that will comply with data protection law.

The Data Protection Act also can prohibit the transfer of personal information from one country to another, unless those countries to ensure the same level of protection. For instance, if the use of data in a research project is linked to another individual who is in the upcountry, then the data protection act should be adhered. However, some of data protection principals can be exempted in case of the following;

The information is being used exclusively for research purposes and no other use. This type of data can be statistical or historical

• The information being used is not for supporting measures or decisions relating to any identifiable living individual
• The information being used is not going to cause, or likely to cause substantial damage or distress to any subject matter

Normally, if any, research activity meets the above conditions, then the personal data may be used for a new purpose, or be kept for a research purpose.

Data processing

When processing personal data, a University must do so in accordance with its data protection Principles. Generally, data must be fairly and lawfully processed, processed for limited purposes, adequate, relevant and not excessive, accurate, not kept for longer than is necessary, processed in line with author’s rights, secure and not transferred to countries without adequate protection.

The University may have data or information from individuals and sometimes may contain a listing of authorised recipients of the data concerned. These are the individuals and bodies to which, if appropriate, the University may disclose this data within the terms of their registration. This does not mean that these authorised recipients have an automatic right to disclose them. For example, when the information requested contains sensitive or personal material relating to another individual whose own rights must be protected under the Act.