Data protection for online forms
All forms on Trinity web must comply with the obligations under the Data Protection Acts.
Personal data means data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the person controlling the personal data. Collecting someone's personal data is a serious activity and is tightly controlled by the Data Protection Acts. These require that all forms on Trinity website that collect personal data must clearly state the following:
- the identity of who is collecting the data, which should include contact information;
- the purpose, or purposes, in collecting the data;
- the persons or categories of persons to whom the data may be disclosed; and
- any other information which is necessary so that processing the data may be fair, such as informing users which information is mandatory and which optional and any particular implications for them in providing the information being sought and their right to access and rectify the data; and
- it is good practice to inform the users of the period for which the data will be kept.
A commitment must be given that the personal information so collected will only be used for the purposes for which it was given and that it will not be released to other parties without the permission of the individual, except as permitted by law. Only required information should be collected and care should be taken not to seek information that is unnecessary for the purpose. Subsequent use of the personal data must conform to the information provided to the user. Any use not disclosed when the information was collected will require further consent, except as permitted by law.
Method of collecting personal information
Data submitted in a form are not, by default, encrypted in any way. They pass over the network in plain text format and are vulnerable (i.e. liable to interception by a third party) while in transit. For this reason, forms should not be used to collect un-encrypted sensitive personal data. The Data Protection Acts define sensitive personal data as data relating to a person's racial origin, political opinions or religious or philosophical beliefs, physical or mental health, sexual life, criminal convictions or the alleged commission of an offence, trade union membership. If adequate measures are not taken to provide security, and a form solicits personal information, users must be clearly advised at the point of data entry (i.e. on the form) that any personal information they submit is not encrypted and is not protected as it passes over the network. Similarly, advice should be given regarding the adequacy of data storage.
Processing personal information
Whenever it is possible to do so without damaging the purpose of the exercise, personal data collected should be rendered anonymous and any identifying coding or ‘traceback' facilities destroyed so that it will not be possible to associate the data with the individuals involved. Such data will then no longer be restricted by the Data Protection Acts. For example, if personal data are collected for research purposes they should be converted, where possible, to unidentifiable data which may then be analysed and processed as needed.
For as long as personal data are held or processed in any way they are subject to the Data Protection Acts. Attention is drawn in particular to the need to maintain the security of any personal data acquired as they may be vulnerable on the computer on which they are received/stored unless steps are taken to protect them. There are special conditions that have to be met before personal data may be transferred outside the European Economic Area (E.U. and Iceland, Liechtenstein and Norway). Particular attention is drawn to the fact that data processed in the USA are not subject to the protections offered by the Data Protection Acts. Many web-based survey facilities are based in the United States and may not conform to Data Protection requirements.
There are several other important requirements to be complied with if handling personal data. Further information on the Data Protection Acts, including the eight principles of data protection which must be complied with, can be found in the 'Compliance with Legislation' - Section 3, of the web design policies.
Sample form HTML
This form would send an email to firstname.lastname@example.org.
Note that all recipient addresses to be used with this script will have to be preregistered with IT Services.
The data collected on this form are being obtained by (ENTER DEPTARTMENT NAME/USERNAME) for the purpose of (ENTER REASON). These data may be accessed by (ENTER WHO WILL ACCESS INFO) and will be held for (ENTER AMOUNT OF TIME). Your data will only be used for these purposes and will not be released to other parties without your permission, except as permitted by law. You have the right to access your own personal data which you supply here and the right to rectify those data. (ENTER SENTENCE ABOUT SECURITY OF DATA TRANSMISSION AND STORAGE.)