Division of General Counsel, Governance and Compliance

Information Management

The Information Management team provides advice, training, and services across the University in relation to data protection matters (e.g. contract reviews, privacy notices, consent forms, data sharing and retention, etc), any aspect of records management, information classifcation and handling, and manages the University's personal data breach reporting process and Information Asset Register. The team also oversees administration of the Freedom of Information process and handles requests for personal data on behalf of the University (including data subject requests and third party requests for personal data).

Additionally, the team are resonsible for oversight of policies across the University and provision of advice relating to use of the University's policy template and policy drafting, as well as management of the University's corporate calendar.

Please see below for further information and contact details.

The team - who we are

The team consists of:

  • Alexandra Elliott (Head of Information Management & Compliance; the University's Data Protection Officer)
  • Gabriel Gooch Blanco (Information Management Administrator; provides administrative support across the team)
  • Greg Toth (Information Manager; manages the University's Information Asset Register; assists with contract review and provides data protection advice)
  • Karen Blackman (Information Manager; oversees Freedom of Information / data subject requests; manages the University's policy template and provides advice on policy and guidance drafting; manages the University's corporate calendar)
  • Kay Steward (Senior Information Officer; focuses on Records Management across the University)
  • Lucy Pattenden (Senior Information Officer; handles Freedom of Information requests and data subject requests received on behalf of the University)
  • Naomi Alder (Senior Information Officer; focuses on Records Management across the University)
Contact us

Much of our work is handled via shared inboxes due to working patterns and shared workload across the team; this is the best way to contact us for most queries - please see below for further details:

  • For general data protection and records management queries: GDPR@sussex.ac.uk
  • For queries relating to personal data breaches, data subject requests, or requests from third parties for personal data held by the University: dpo@sussex.ac.uk
  • For queries relating to Freedom of Information requests: foi@sussex.ac.uk 

 Last updated 27 February 2024