What is GDPR?
GDPR is a complete data protection game changer for every organisation. The new regulations are intended to strengthen and unify the safety and security of all data held within an organisation. It will bring new demands and challenges that will impact school resources and ultimately finances. GDPR increases the responsibility schools have to inform parents and learners about how their data is being used and by whom.
It will be mandatory to report data breaches within 72 hours
It is the schools responsibility to ensure 3rd party suppliers that process data for you also comply with GDPR
Fines up to €20 million or 4% of global turnover for non-compliance as well as your Ofsted ratings being impacted if policies and processes are not in place when it comes to data
GDPR demands a formal contract/SLA with all suppliers, including how data is stored and processed
GDPR gives more control to individuals, including the right to redact data
Data protection officers
It will be mandatory for schools to appoint a data protection officer
Schools must be able to demonstrate compliance
Schools must get it right now, in 2018 and beyond