You are here:

Finance and premises : Data protection and the GDPR

Data protection and the GDPR

  • Data protection officer (DPO): who can it be? Schools must appoint a data protection officer (DPO) from May 2018 under the General Data Protection Regulation. Here's the information you need on the options available to your school type to help you scrutinise the appointment.
  • Freedom of Information Act 2000: guidance for schools Is there any guidance for schools on the Freedom of Information Act? In this article, we look at guidance from the ICO on information that schools must publish, how to handle a request, how much to charge for a request and when you can refuse requests for information.
  • GDPR 1 year on: what's happened and what to ask your DPO You should get an annual report about the General Data Protection Regulation (GDPR) from your data protection officer (DPO). Here's what to look for, questions you should ask, and a quick update on what happened this past year in the world of data protection.
  • GDPR cheat sheet: how to keep personal data safe Download our summary of the main actions governors need to take to protect personal data, including tips for keeping emails secure and what to do with governing board documents.
  • GDPR glossary The world of data protection is filled with jargon and technical terms. Our GDPR glossary makes it accessible for you.
  • GDPR: governors and trustees acting as the DPO Schools must appoint a data protection officer (DPO) under the GDPR, but for many it's not proving easy to find a suitable candidate in the staff team. Some schools are therefore considering governors or clerks for this role. We look at why you may not be best-placed to take this on.
  • GDPR mythbuster Avoid the scaremongering around the GDPR and use our mythbuster to separate the fact from the fiction when it comes to visitor books, photo archives, fines, consent and more.
  • GDPR: personal data breach procedure UpdatedDownload our model procedure for use in the event of a data breach at your school. It's based on the requirements of the GDPR.
  • GDPR resource hub for governors and trustees UpdatedThis is your go-to hub for support with monitoring your school or trust's compliance with the General Data Protection Regulation (GDPR).
  • GDPR: what governors and trustees need to do to be compliant Schools must ensure their data processing complies with data protection law under the General Data Protection Regulation (GDPR). Here's what your board needs to do to make sure you and your school are compliant, including a downloadable checklist to monitor compliance.
  • Performance data resource hub for governors You don’t have to be a professional data analyst to be an effective governor. Get a handle on what you do - and what you don’t - need to know about school performance data.
  • The General Data Protection Regulation (GDPR) Get up to date with the GDPR in 1 minute. You can also download this QuickRead as a ready-made resource to share with colleagues.