File storage

Where should I save my documents? 

For most staff members, the following storage areas are available.

  • Your OneDrive: this is your personal storage space.  It's where you should keep all your files which are 'for your eyes only'.
  • Your School or Service SharePoint Site(s). In 2024, shared L and M Drives were migrated to SharePoint Online. To find out more, see L&M Drive Migration – FAQs - Self-Service Portal.

Other locations

If you store data on your own devices such as usb memory sticks, beware of potential loss or corruption. 

Data stored on your university desktop computer’s hard drive (i.e. the C: or D: drive) is not secure, nor backed-up.  It is not recommended as permanent storage, but can be convenient for the temporary storage of large files.

Wisdom

The University has an electronic document records management system called Wisdom.  This is used to store and share documents and official records of the University

Non-work related data

The University allows staff to keep a small amount of personal data on the system.  Space is limited and it is not acceptable to fill email or your OneDrive with, for example, large quantities of personal photographs, music files or other material.

Any personal data you have should be stored separately from work material, and clearly labelled as such.

Important - a legal bit

Any material stored must be legally acquired. Storage of material, including music and video, obtained from illegal download sites is forbidden.

As a member of staff at the University of Huddersfield, you should be aware that any material created on behalf of the University is regarded as its property, and as such is subject to the University’s policies and procedures.

What happens when you leave?

Staff accounts are frozen on departure from the University, and content is deleted from accounts two months later. During this period, a School or Service can indicate that material should be retained, if:

a. The member of staff may be returning to the University
b. Data is required for continuing business
c. Material is required for the University archive
d. The member of staff becomes an affiliate of the University in a role which requires continued access to their data and email accounts.

A word about confidentiality and security...

All portable devices pose a security risk if they are lost or stolen.  If in exceptional circumstances you use a portable device to transfer sensitive or confidential data, you should consider encryption. Confidential data includes any personal information about individuals that could be used to identify them including names, addresses, phone numbers, dates of birth, assessment results, general information.  Sensitive personal data includes the racial or ethnic origin of the data subject, political opinions, medical and criminal information . It should be very rare for a member of staff to hold sensitive data on a portable device. If this is proposed, your line manager must be asked beforehand so that a risk assessment can be undertaken. Further information on the security of data is detailed in both the IT Security Policy and IT Security Procedure Manual

Portable devices such as iPads and laptops should also be password protected. Passwords must themselves be kept securely.

Who can see your emails and documents?

Your OneDrive is private to you. Access to other areas is described above.

Also, some University staff must have additional authorised access to data in order to manage our systems. All such authorised staff, in Services and Schools, should be aware of the need to respect privacy. The IT Security Procedure Manual requires that all staff with additional access privileges must sign a confidentiality declaration.

Special procedures exist for obtaining permission to view any individual’s data, for instance in the case of long-term sick leave. For further information see Section 5.4 of the Staff Handbook, Conduct (Monitoring of email and internet use 

Whilst all data produced by staff in the course of their work is owned by the University, the individual’s right to privacy is respected.

There is no routine monitoring of e-mail content or individual web use, although all web activity is logged and access to sites which are likely to cause a breach of the computing regulations may be blocked. Investigation and inspection of electronic communications may take place under the terms of the Regulation of Investigatory Powers Act, particularly where there is suspicion, or there appears to be evidence of, an infringement of the computing regulations or of illegal activity. For further information see Staff Handbook, Conduct (Monitoring of email and internet use)

What if something goes wrong?

All incidents which result in a loss of hardware or where data security is compromised must be reported. Hardware losses should be reported to the University Security Manager on Ext 2859, and stolen or mislaid data to the Records Manager, on Ext 3935. If sensitive or confidential information is involved, the person with responsibility for the data must be informed immediately so that an assessment of the required action can be undertaken.

A failure to follow University policy and procedures which leads to a loss of data or compromising the University’s data may result in disciplinary action.