Free GDPR resources

Free GDPR resources

We’re here to help

Our free resources are designed to help schools understand the changes to the data protection law under the GDPR and the new Data Protection Act 2018. We continuously add new resources, so please revisit this page regularly.

Click on the tabs below to access our FREE printable guides and essential information.

What is an audit?

The term ‘audit’ can mean many things within the Data Protection world. However, in simple terms you and your DPO carry out an audit to double check the personal data you process and use, and ask other organisations to manage for you, is kept safe to ensure you protect the rights of the individuals you serve. It can be likened to a MOT on your car – you keep it running well at all times, but once a year an independent body checks its OK. Use the guides below to help you carry out an audit.

What you need from your suppliers

You must first establish whether your supplier is a data processor for you or if you have a B2B relationship.

Here are some documents to help:

ICO visits to schools and early years settings

Advisory Visit v Audit Visit

As of the beginning of Autumn Term 2018 no school has received an Audit Visit from ICO. However, the number of Advisory Visits continues to grow and we are advised that Audit Visits will start being carried out with MATs and schools in the latter part of 2018.

So what is the difference between an Advisory Visit and an Audit Visit?

Advisory visits involve a one day, informal visit, from the ICO to look at how your organisation works, what kind of personal information you hold and what you do with it. You will receive a report which is not published on the ICO website, however they will publish that an Advisory Visit has taken place.

More details of the Advisory Visit can be found HERE

Many schools have been in contact with the ICO and have been invited to receive a visit from an ICO Audit Advisory team. A GDPRiS school in London received such a visit and has asked us to share their experience with other schools, if you would like to find out more please get in touch

Audit visits normally take place over 3 days and look at the way you handle personal data in a more detail than an Advisory visit. The same areas are covered but there is an in-depth review of each area.

The ICO audit team recently updated their advice on audits which you should find very interesting.  It will help you focus on how you carryout your own internal audits.

You can find this updated advice HERE

Nurseries and Early Years settings – ICO produced an Overview Report of data security in nurseries. The report of the findings HERE is well worth a read for leadership teams in this sector.

Data Breaches – be ready

A data breach is when confidential, private, or sensitive information escapes out of its secured environment. Data breaches can occur accidentally, or as the result of a deliberate attack.

Every year millions of people are affected by data breaches and schools and early years settings are no exception. Whilst every responsible organisation does its best to keep data safe, when a breach does occur everyone must know what to do, when to do it and how to report it.

Here’s some really useful resources to help you prepare for data breaches

Information from the DfE

The DfE has plenty of useful support materials. The Data Protection ToolKit for schools will be regularly updated so it’s a good idea to visit every now and then.

Information from ICO

ICO (Information Commissioner’s Office) is the organisation which oversees that data protection laws are applied in all organisations including education. Their resources, although not always directly applicable to schools and early years settings, are an excellent source of information.

Data Protection Awareness Posters

It’s not rocket science! Download and display our free poster throughout your premises to remind all staff that everyone has a responsibility to protect personal data and help you demonstrate your commitment to data protection to all.

A4 full colour Data Protection Awareness Poster
A4 Ink-friendly Data Protection Awareness Poster

Access the full series of posters

We have produced a whole series of data protection posters that you can download and use free of charge when you sign up.

Sign up

Free training videos

Staff training video

Legal basis for processing

12 steps to compliance

Mind Map videos

Build a data eco-system

Data protection

Keep parents informed

Mind Map printables

Mind Map: Build your data eco-system

A useful handout to accompany our Mind Map video – print this out to help to remind staff of your commitment to ensure personal data is kept safe and secure.

Download

Mind Map: School data protection

A useful handout to accompany our Mind Map video – print this out to help to remind staff of your commitment to ensure personal data is kept safe and secure.

Download

Mind Map: Keep parents informed

A useful handout to accompany our Mind Map video – print this out to help to remind staff of your commitment to ensure personal data is kept safe and secure.

Download