Privacy notice - Interview Recordings for Master of Pharmacy Applicants

University of Sunderland Policy on Recording, Storing, and Deleting Interview Recordings for Master of Pharmacy Applicants

Policy statement

This policy outlines the procedures for recording, storing, and securely deleting interview recordings for applicants to the Master of Pharmacy course. The University is committed to ensuring that all data collection and processing activities comply with the UK General Data Protection Regulation (UK GDPR) and respect the rights and privacy of applicants.

Scope

This policy applies to all staff members involved in the admissions process for the Master of Pharmacy course, as well as any third-party personnel authorised to assist with interviews.

Purpose

The purpose of recording interviews is to ensure a transparent, fair, and accurate applicant evaluation process; recordings will be used for moderation purposes only. This policy defines the responsibilities and procedures for handling interview recordings to protect applicant data and maintain compliance with UK GDPR.

Procedures

Consent and preparation

• Applicants must be provided with a UK GDPR-compliant consent form at least 48 hours before the interview; this would normally be provided to the applicant with all other interview communications. 
• The consent form must clearly explain the purpose of the recording, how the data will be used, and the applicant's rights.
• The academic member of staff conducting the interview must confirm that the applicant has signed and submitted the consent form before beginning the interview; all consent information will be collated by the admissions tutor.
• All necessary recording equipment must be tested and functional prior to the interview.

Recording the interview

• At the start of the interview, the interviewer must verbally confirm that the applicant has provided consent for the recording.
• The recording must be focused on the interview and the applicant's responses.
• If an applicant withdraws consent during the interview, the recording must be immediately stopped, and the withdrawal of consent documented. In this case, any recording must be deleted as soon as possible.

Post-Interview Handling

• The recording must be transferred securely to a designated storage location immediately after the interview (this will be dependent on whether the interview has taken place on campus face-to-face or online via Teams).
• Each recording must be labeled with the application number that does not contain personally identifiable information and the recording date.
• A log entry must document the transfer, including the date, time, and staff member responsible.

Secure storage

• For on campus face-to-face interviews, recordings must be stored in a dedicated folder within the Sciences Recording Data Capture Drive with access restricted to the admissions team responsible for evaluating applications and authorised personnel directly involved in the application process
• For online via Teams interviews, recordings must be downloaded and stored in a dedicated Teams channel with access restricted to the admissions team responsible for evaluating applications and authorised personnel directly involved in the application process
• Access controls to the storage areas must be implemented, and regular audits conducted to ensure data security.

Data retention

• Recordings must only be retained for the duration specified in the consent form (48h following the conclusion of the interview process).
• Reviews of stored recordings must be conducted to ensure recordings are deleted following their retention period.

Secure deletion

• Recordings must be securely deleted after the retention period using approved methods.
• The deletion process must be logged, including the date, method used, and staff member responsible.
• Periodic audits must confirm that no recordings remain beyond their retention period.

Review and continuous improvement

• The recording, storage, and deletion processes must be reviewed periodically to ensure compliance with UK GDPR and University policies.
• Feedback from staff or applicants following the interview must be addressed to improve the process; a log of actions taken should be maintained.

Incident management

• In the event of a data breach or unauthorised access, the University Data Controller must be informed immediately, and corrective actions taken.
• Affected applicants and relevant authorities must be notified as required by UK GDPR guidelines.

Roles and responsibilities

• Admissions Staff: Responsible for ensuring compliance with this policy during interviews.
• University Data Controller: Ensures UK GDPR compliance, oversees data security measures, and responds to applicant requests or data breaches.
• IT Technical Support: Provides technical support for secure storage, encryption as required, and deletion of recordings.

Review and approval

This policy will be reviewed annually by the Master of Pharmacy Admissions Team to ensure continued compliance and effectiveness.

Approved by: Adrian Moore in consultation with the compliance and admissions team.

Date: 24/01/2025

Effective Date: 24/01/2025

Review Date: 01/09/2025 (prior to commencement of 2025/26 admissions cycle).

Published: 4 November 2025