Lawyers accused of giving wrong GDPR consent advice A recent article in the Law Society Gazette by Brian Rogers, a legal compliance expert, warned that some solicitors who gave advice regarding how to comply with new GDPR rules last year should revisit that advice. He believes that mistakes were made when giving GDPR consent advice. He states that lawyers may
ICO’s first school audit reports online Enquire Learning Trust, Active Learning Trust and Greenwood Academies Trust are the first MATs to experience an ICO audit since the introduction of the GDPR in May 2018. These reports have been published online in the public domain. Many schools will learn much from these reports. Enquire Learning Trust was praised for creating an
Brexit may prevent EU online processing It is hard to avoid the news about whether there will be a ‘Deal’, ‘No Deal’ or a Hard Brexit. Education will be affected and as a result, the DfE has published advice to prepare schools for each eventuality. This covers teacher qualifications, travel, pensions, university places, and many other areas where data is
Why you shouldn’t open emails until you read this. Schools are facing an email phishing scam epidemic and need to know what to do. The information below should be read by your Data Protection lead/DPO, your IT Support and it is advised that Senior Leadership are fully informed. The emails may look like this…
The top 5 tasks you SHOULD have completed to ensure compliance with the GDPR It’s been several months since GDPR Day – here are 5 things you SHOULD have completed by now: 1 Appoint and inform ICO of details of your DPO It is a legal requirement under the GDPR that every school appoints a Data Protection Officer (DPO). You MUST
Choosing a Data Protection Officer (DPO) for your school When the GDPR (General Data Protection Regulation) comes into effect on 25 May 2018, every state funded and private school, as well as nurseries and child care organisations, must name their data protection officer (DPO). This person may be a member of staff or someone from an outside organisation – there
Schools’ obligations as data controllers Yes, as a school you are classed as the ‘data controller’ so you should make sure that you observe a few things when processing any personal data. Anyone else you are connected with, such as 3rd party suppliers, that also process personal data are called the ‘data processor’. Under GDPR data controllers and data processors
Yes, you read that right! Unless schools have started preparing for the implementation of the new General Data Protection Regulations (GDPR) in May 2018, which brings massive changes to data protection, they really are sitting on a ticking time bomb. The new regulations are intended to strengthen and unify the safety and security of all data held within an organisation.