If your school is a maintained school or academy, then it is classed as a public authority and, under the GDPR, must appoint a DPO. This person is responsible for monitoring the application of the Regulation and advising and guiding the...
The data protection policy is the foundation of a school’s compliance with the UK GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018, and from which other policies, procedures and processes are based. It is an internal document that...
In this blog series, we outline which documents your school should have to support its GDPR compliance. In this blog, we outline the privacy notice....
After years of negotiation, the UK finally left the EU on 1 January 2021, but many organisations are no closer to understanding the data protection ramifications of Brexit. Schools with close ties with the EU, may have to make major changes...
Our GDPR Checklist for Schools helps you track your progress towards compliance. It addresses common cyber security concerns and includes vital steps that schools should take....
As recent attacks on schools and school districts in the US show, schools are not immune to cyber attacks and a successful attack can be disruptive and expensive to fix. It can also compromise access to confidential or sensitive information, and...
Moving beyond baseline compliance One year on from the introduction of the GDPR, Information Commissioner Elizabeth Denham stated in a blog: The focus for the second year of the GDPR must be beyond baseline compliance – organisations need to shift their...