Who retains ownership of the data?

From a security and data governance perspective, the approach agreed with the Office of Civil Nuclear Security (OCNS) is that each employer organisation will be responsible for the data that it makes available to the Skills Academy for recording on the Skills Passport. This includes the responsibility for obtaining the relevant permissions from their employees’ wrt Data Protection i.e. permission will have to be explicitly sought from all individuals to have their training and qualification records stored on the Skills Passport IT application.
 
Once the data is in the system, the Skills Academy will be responsible for the data, in particular, the security hosting of the database including access to the information. It is however noted that each member organisation using the scheme will have to appoint a skills administrator who will have a duty of joint data controller as per the requirements of the Data Protection Act. The onus will be on employers to manage their own data appropriately for example, archiving records when an individual leaves their organisation. being an example of this.