Last week myself and Paddy Callaghan (our Senior Web Developer) headed to Hull for the latest NE Regional Web Meeting. These were spawned a number of years ago now following one of the IWMW meetings (can’t remember where it was – they are all beginning to blur into one!). Various regional meetings were established and the NE region has continued to meet ever since.
Alison Smyth from Hull University Business School was kind enough to host us and the sun shone on a really rather lovely campus.
It was good to see colleagues from across the north east (ish!) including University of Sheffield, Sheffield Hallam, Northumbria, York, York St John, Leeds (and possibly some others) and have a day of sharing, learning, listening and deliberating around some current hot web topics.
The topics for discussion were:
- JISC course information management/XCRI
- Key information sets
- Mobile approaches – responsive design, native apps etc. Mobile first?
But then an extra topic was added following discussions over the break – and that was the issue around the cookie law.
We shared where we were so far with work around this legislation at our own institutions and it’s probably fair to say that there was a mixture of progress and knowledge around the room.
I shared our experience in terms of doing an audit of what cookies we have and presenting an updated privacy policy to our Information, Infrastructure, Access and Security group who actually signed it off. However, after subsequent conversations with colleagues and reading up a bit more I think we need to some more work here to go beyond the ‘corporate web’ or at least point out that our Privacy policy covers www.bradford.ac.uk and anything on another domain isn’t covered by this policy.
We also chatted around web-based systems (e.g. HR, finance, VLE) but the legislation doesn’t cover intranets or systems that you have to log in to. We may need to update our Acceptable Use Policy to say that some of our systems use cookies but members of the University (staff and students) just have to accept this. Not that it is a bad thing.
A good idea was to document everything that you, as an institution, have done so far in terms of working towards complying with the new legislation. A bit of ‘back covering’ but also so that a record is kept as to why certain decisions were made, by whom, when and so on.
I feel that I need to do some more communications internally around this new legislation. Whilst there is a recognition and understanding at a corporate/committee level as to what is happening and the reasons behind it there may be local web officers within the University whose radar this isn’t even on.
Our draft Privacy Policy is available here. Hope it’s useful. All comments and feedback welcome.
Leave a Reply