13-02-2019
07:08
Our team sorts through all blog submissions to place them in the categories they fit the most - meaning it's never been simpler to gain advice and new knowledge for topics most important for you. This is why we have created this straight-forward guide to help you navigate our system.
And there you have it! Now your collection of blogs are catered to your chosen topics and are ready for you to explore. Plus, if you frequently return to the same categories you can bookmark your current URL and we will save your choices on return. Happy Reading!
There is much panic related to the implementation of GDPR in May 2018, yet it is pertinent to note that GDPR came into effect in 2016! However, organisations have been given 18 months to prepare before the enforcement of the new regulations begin.
Compared to many private organisations, schools are much better placed to address the new regulations. Make no mistake, GDPR is a data protection game-changer and it will bring new demands and challenges that will impact school resources and ultimately finances.
In education, there has always been a culture that values every person’s rights and freedoms, and schools have always had to give parents and children access to their data. Let’s take a brief look at the 5 key things schools need to be aware of and how they might prepare for GDPR implementation.
1. Individuals rights
GDPR gives more control to individuals, and their rights have been clarified. In broader terms no data may be processed unless all rights are considered and fulfilled, where relevant.
These are:
What you can do to prepare:
2. Data Processors/School suppliers
GDPR mandates a formal contract/SLA with all suppliers that process data, including how the data is stored and managed. It is the school’s responsibility to be proactive in establishing if 3rd party suppliers are GDPR compliant. If there was a data breach or non-compliance by a supplier, the school (as the Data Controller) may be held jointly liable.
What you can do to prepare:
3. Accountability
GDPR brings a much greater focus and accountability and evidence. School governing bodies are solely responsible for their compliance with the principles of GDPR and must be able to demonstrate their compliance.
What you can do to prepare:
4. Data Protection Officers (DPOs)
It will be mandatory for schools to appoint a data protection officer, you can appoint your own DPO internally or externally and can share a DPO with other schools. The GDPR does not specify the relevant qualifications that DPOs need, but it does require a DPO to have
“expert knowledge of data protection law and practices.” It is important to remember that the DPO is there as supervisor to ensure you comply and offer guidance. The DPO bears no liability for any data breach or non-compliance.
What you can do to prepare:
5. Data Breaches and Subject Access Requests (SARs)
It will be mandatory to report data breaches to the ICO within 72 hours where an individual is likely to suffer physical or mental harm.
Subject Access Requests (SARs) also have a lower timescale than the previous act. It will be mandatory to respond within 1 month and the biggest change is that you are no longer able to levy the fee of £10 for SARs.
What you can do to prepare:
Schools with existing rigid data protection policies should see GDPR as an opportunity to improve the way they work – not a stick to beat them with. The most important thing to say is ‘don’t panic’ BUT do ‘start preparing now’, if you haven’t already. GDPRiS has put together free resources for schools to access and download to help them on their journey to compliance.
You must be logged in to post a comment.
Securus provide market-leading monitoring solutions to safeguard students on ALL devices both online and offline. We also offer a full monitoring service, where we carry out the monitoring on behalf of the school, freeing up valuable staff resources. From the smallest school to large MAT groups, Securus offers safeguarding protection for all!
As European leaders of Time Management Solutions, Bodet offer Lockdown, Clock, Bell & PA Systems. Harmonys, our five-in-one IP/PoE Bell System, provides a unique customisable lockdown or panic alarm alert. Melodys, a Wireless Bell System, is useful where wiring can be difficult.
Robotical makes Marty the Robot - a walking, dancing coding robot that makes programming fun and engaging for learners as young as 5. Our robots come with a full Learning Platform that has complete teaching resources, to make lesson planning a breeze.
Are you looking for solutions? Let us help fund them! Nexus Education is a community of over 11,000 schools that come together to share best practise, ideas and CPD via online channels and free to attend events. Nexus also offers funding to all school groups in the UK via nexus-education.com
As a group, Fusion Education People Solutions provide innovative HR Services and Software (SAM, SAMpeople and FACE-Ed), developed specifically for the sector by education specialists. We are trusted by over 1000 schools and trusts across the UK.
Our website and ready-to-use resources bring to life the incredible stories of game changers from history – ordinary people who used their character strengths to help them achieve extraordinary things. Our site has been carefully designed to support learning and development on a whole-school basis, across the whole curriculum.
Chatty Learning are an innovative provider of software, training and speech and language therapy services to support the development of communication skills in the most disadvantaged children. We help overcome word poverty to get children talking, reading and thriving in schools and settings.
Community Brands comprises of market-leading education technology tools trusted by over 18,000 schools. Our solutions provide customers with benefits by reducing costs, offering staff more time to focus on their priorities, and working with leadership teams to achieve your goals.
Great article. Lots of scaremongering around at the moment but this helps put it all in perspective.