Close
All UCL staff and students who handle sensitive research information—including principal investigators, data handlers, and those who supervise or support them—must complete annual training on managing highly confidential information.
Anyone with an '.ac.uk' or NHS email address can self-register for NHS Data Security Awareness course provided by e-Learning for Health. When asked, you can register your role as a “Further Education and Higher Education Researcher (Education)” which should provide you access to the course. The course covers data security awareness, the law, threats to data security, breaches and incidents, and the General Data Protection Regulation. Completion of this course will be sufficient evidence of basic information governance training to handle highly confidential information under the UCL Research Data ISMS Roles and Responsibilities.
Courses that do not cover the depth and breadth of topics required for Information Governance are:
- Good Clinical Practice training
- UCL's GDPR training
- Information Security training
- ONS researcher accreditation
Sharing evidence of your training
If you have completed the annual NHS Digital Data Security Awareness course through e-Learning for Health then a certificate should be available under ‘My Activity’ and 'Certificates' on the e-Learning for Health portal.
If you are using the ARC TRE, your certificate will also be requested during the Approved Researcher onboarding process.
If you are using the Data Safe Haven, upload the certificate to the Information Governance Advisory Service Portal with your name and the date your training was undertaken (UCL member's login required).
If training has been completed by a user who is external to UCL please upload the certificate on their behalf in the Information Governance Advisory Service Portal or contact infogov@ucl.ac.uk.
Any queries in relation to undertaking information governance training should be forwarded to infogov@ucl.ac.uk.