If your school is a maintained school or academy, then it is classed as a public authority and, under the GDPR, must appoint a DPO. This person is responsible for monitoring the application of the Regulation and advising and guiding the...
The data protection policy is the foundation of a school’s compliance with the UK GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018, and from which other policies, procedures and processes are based. It is an internal document that...
In this blog series, we outline which documents your school should have to support its GDPR compliance. In this blog, we outline the privacy notice....
Our GDPR Checklist for Schools helps you track your progress towards compliance. It addresses common cyber security concerns and includes vital steps that schools should take....
As recent attacks on schools and school districts in the US show, schools are not immune to cyber attacks and a successful attack can be disruptive and expensive to fix. It can also compromise access to confidential or sensitive information, and...
Phishing and many other cyber attacks exploit common weaknesses in organisations that do not require advanced cyber skills, and are free or low-cost to mitigate. Unfortunately, schools are particularly vulnerable to cyber attacks. Busy staff and often low technical understanding make...