From 25th May 2018, the Data Protection Act (DPA) will be replaced by the General Data Protection Regulation (GDPR) – meaning that the way we manage all data and information within school will change.
Paper in filing cabinets, keeping records and databases of student and staff information, monitoring what’s happening day-to-day on the premises through CCTV – today’s educational landscape is packed with data.
Under current legislation school already has a duty of care to ensure that this data is kept safe and secure. And with the GDPR coming into effect school will have an increased responsibility to ensure this information – regardless of what form it’s kept in – is managed in the right way in compliance with this new regulation.
Non-compliance can currently see fines of up to £500,000 being imposed from the Information Commissioners Office (ICO), as well as Ofsted ratings being seriously affected if there isn’t correct policies and procedures in place when it comes to data and IT security.
But what actually is it, exactly how will GDPR affect schools and what are we doing about it?
Let’s take a look:
Put simply, the GDPR is a new data protection regulation that’s designed to strengthen and unify the safety and security of all data held within an organisation.
It will entirely replace the current Data Protection Act, making radical changes to many existing data protection rules and regulations that many organisations such as schools, academies and other educational establishments currently adhere to under the DPA.
Whilst you may see some similarities between the GDPR and the DPA, there will be some significant differences that will have a real impact on the way data is handled and ultimately affect the way you manage information in your school.
Here’s just a few of the key things to watch out for:
If you’re already complying with the DPA then chances are you already have some strict policies in place. But this doesn’t mean that just because you comply with DPA regulation, you’re automatically going to be compliant under the new GDPR law.
Whilst a number of the GDPR’s main principles are similar to those in the Data Protection Act, as we’ve seen, there will inevitably be some new elements and significant enhancements – meaning you may have to do some things differently.
As such, the ICO have put together a guide on Preparing for the General Data Protection Regulation (GDPR). They suggest a number of things you should be starting to do to get yourself ready for the change:
You can read the full guide and the ICO’s recommendations here.
At Peel Brow School we are following all the guidelines, we have updated privacy notices and have a appointed a data protection officer, who is idependent from school.
Please see below for information related to the GDPR.
Unfortunately not the ones with chocolate chips.
Our cookies ensure you get the best experience on our website.
Please make your choice!
Some cookies are necessary in order to make this website function correctly. These are set by default and whilst you can block or delete them by changing your browser settings, some functionality such as being able to log in to the website will not work if you do this. The necessary cookies set on this website are as follows:
A 'sessionid' token is required for logging in to the website and we also use a 'crfstoken' token to prevent cross site request forgery.
We use Matomo cookies to improve the website performance by capturing information such as browser and device types. The data from this cookie is anonymised.
Cookies are used to help distinguish between humans and bots on contact forms on this website.
A cookie is used to store your cookie preferences for this website.Cookies that are not necessary to make the website work, but which enable additional functionality, can also be set. By default these cookies are disabled, but you can choose to enable them below: