UK GDPR and the Freedom of Information Act 2000 in Higher Education: Compliance, DSARs, Research, Data Sharing, Breach Reporting and Key Exemptions

Published by a LexisNexis Local Government expert

Practice notes

Data Protection Principles

This Practice Note outlines how the Assimilated Regulation (EU) 2016/679, the UK General Data Protection Regulation (UK GDPR) and the Freedom of Information Act 2000 (FIA 2000) operate within the Higher Education Sector, including universities. It proceeds on the basis that readers already understand core UK GDPR concepts such as:

controller
data subject
personal data
processing
processor

For more detail on these expressions, follow the links above to the relevant sections of Practice Note: Key definitions under UK data protection law. For broader introductions to data protection, see Practice Notes: Data protection law—new starter guide and Introduction to the EU GDPR and UK GDPR. The UK data protection law collection brings together additional general guidance on the UK GDPR framework and is a recommended first port of call for data protection research.

The UK’s data protection landscape is mainly set by the UK GDPR alongside relevant parts of the Data Protection Act 2018 (DPA 2018). See Practice Note: Data protection principles. Higher Education Institutions (HEIs) are, in general, subject to the same data protection principles and obligations as other organisations. The UK GDPR differentiates between ‘controllers’...

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

Sam Rose

Mills & Reeve

Sam advises higher education institutions on governance; student disciplinary cases; fitness to study and fitness to practise; student disputes relating to teaching and assessment; freedom of expression; Prevent and Equality Act issues. She also advises on information law, including complex freedom of information requests and data subject access requests. Before joining the firm Sam worked as an education law specialist at the University of Oxford and as the Head of Strategic Litigation for the Consumers' Association (better known as Which?). As part of her role at Which?, Sam worked on projects considering consumer law compliance across the higher education sector, including looking at university advertising and student protection plans. She engaged with Government departments and regulators, including the Competition and Markets Authority and participated in the European Commission's REFIT exercise, reviewing the consumer law acquis. She was also actively involved with BEUC (the...

Web page updated on 22/05/2026

Popular documents

Using the Judicial College Guidelines to assess general damages in personal injury claims

When evaluating a general damages claim, the practitioner ought initially to refer to the Judicial College Guidelines (JCG)...

Tomlin orders in England and Wales: CPR guidance on drafting, confidentiality, approval, variation, enforcement, limitation, CCA issues, court-specific requirements, sample wording and precedents

This Practice Note This Practice Note reviews mechanisms used in settling litigation. A Tomlin order consists of a consent order paired with a schedule. It operates to stay proceedings on terms that have been agreed. The provisions contained in the schedule may remain confidential. This Practice Note describes the scope of confidentiality attaching to the schedule and sets out how it differs from a standard consent order. Sample wording for a Tomlin order is included, alongside links to precedents, as well as guidance on court approval. It also addresses varying, setting aside and enforcing a Tomlin order, including the considerations the court will take into account when handling applications for each. Further guidance is provided on interpreting and applying the relevant provisions of the CPR; however, some courts and divisions impose very specific requirements for both drafting and approval, and for approaching the schedule and confidentiality issues. Accordingly, you must consider the particular rules and court guide provisions in the forum where your claim is proceeding when drawing up the Tomlin order...

Precedent: Deed of Surrender of Lease with Optional Premium, Settlement and Release, Landlord, Mortgagee and Guarantor Consents, Reimbursement and HM Land Registry Provisions (England and Wales)

Date [ date ] Parties [ name of Landlord ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Landlord) [ name of Tenant ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Tenant) [ [ name of Guarantor ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Guarantor) ] [ [ name of Mortgagee ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Mortgagee) ] Definitions Within this Deed, the terms below shall be interpreted as follows: [ Annual Rent • the annual sum reserved under the Lease; ] [ Insurance Rent • the Tenant’s share of the Landlord’s costs of insuring the Property (as set out in the Lease); ] Lease • the lease of the Property dated [ date ], entered into between (1) [ the Landlord OR [ name ...

Precedent Statutory Declaration: Standard Wording under the Statutory Declarations Act 1835

I, [ name ], of [ address ], solemnly and sincerely state that: [ Matters to be verified, set out in numbered paragraphs ] I make this solemn statement in good conscience, believing it to be true, and pursuant to the provisions of the Statutory Declarations Act 1835. DECLARED at [ details ] this [ day ] day of [ month and year ] Before me ................................................................................ [ signature of the person before whom the declaration is made ] A [ commissioner for oaths OR [ solicitor OR [ insert other qualification ] ] authorised to administer oaths ]...