Data Protection for Education

The GDPR was enacted into UK Law as the Data Protection Act 2018.  As for many organisations it imposes legal obligations for education and the ways they must manage and process personal data.

The legislation gives the Information Commissioner’s Office (ICO) powers to impose significant financial penalties, Ofsted now includes data protection compliance within their inspection criteria and there is a greater chance of reputational damage from bad publicity in education.

This page explains what the new legislation means for schools and the main areas that need to be considered. It is based on the DPO Centre’s experience from working with over 130 schools and colleges.

Alternatively click one of the options below to speak to us

 

Email Call

WHAT DOES NEW DATA PROTECTION LEGISLATION MEAN FOR SCHOOLS?

Like other organisations, all schools must:

tick
Be transparent in the way they process personal data and accountable for doing so
tick
Appoint a designated data protection officer if they are a state school or a private school processing personal data on a large scale
tick
Understand the data they have, where it is stored and who has access to it
tick
Implement robust processes and procedures to protect personal data
tick
Allow pupils, staff members, governors, parents, guardians and suppliers to:

  • have access to their personal data
  • ensure it is correct and modify it as necessary
  • have it deleted (unless needed for legitimate reasons)

tick
Be able to detect, manage, report and respond to data breaches including, if necessary, liaising with the ICO
education

SCHOOL ACTIVITIES USING PERSONAL DATA

Schools must protect personal data in a wide range of areas. These include:

icon

Educational Software

  • SIMS, ScholarPack, Arbor etc.
  • 2Simple, Tapestry early years systems

icon

Communications and consent management

  • Photography and displaying pictures
  • Social media, posting images
  • Parent communications, satchel post, Teachers2Parents, ParentMail etc.

icon

Policies

  • Privacy, retention and data
    protection policies
  • Staff handbooks

icon

Administration

  • Network security
  • Email systems
  • Staff payroll, pension and other HR records
  • Paper records
  • Visitors’ book and access systems
  • Managing CCTV/Video

icon

Managing Sensitive Information

  • Special educational needs
  • Medication and medical data
  • Safeguarding and family issues
  • DBS Checks

icon

Teaching and getting the job done

  • Children’s workbooks
  • Wall displays and name badges
  • Pupil premium data
  • eports and taking data home
  • School printing facilities

icon

Sharing data with others

  • School trips, peripatetic learning
  • Supply teachers
  • Feeder and transitional schools
  • References for employers and other institutions

Enquire Today

Fill in your details below and we’ll get back to you as soon as possible

Alternatively click one of the options below to speak to us

 

Email Call

DATA PROTECTION SERVICES FOR SECTORS

quote

Richard Green

Sheringham Woodfields School

“The DPO Centre has made what initially appeared to be a complex task straightforward, and we are very pleased with how thoroughly the entire process was conducted.”

Sheringham Woodfields small logo 2
quote

Jules Bridges

West Suffolk College

“Ultimately, we feel ahead of the game and a leader in GDPR compared to our competitors in the sector. It’s a cultural change that will take time to embed, but already I’m seeing changes in attitudes towards safer and improved data security.”