You are here:

Last updated on 19 December 2019
Ref: 32393
School types: All · School phases: All

Schools must ensure their data processing complies with data protection law under the General Data Protection Regulation (GDPR). Here's what your board needs to do to make sure you and your school are compliant, including a downloadable checklist to monitor compliance.

Article tools


  1. Your whole board needs to understand the law
  2. Ask senior leaders for evidence of compliance
  3. Review your own data processing procedures
  4. Clerks: review your understanding of best practice
  5. Add data protection to your risk register
  6. Regularly scrutinise the appointment of the data protection officer
  7. Designate a data protection ‘champion’
  8. Decide how you will monitor GDPR compliance
  9. Local governing bodies in MATs: check the trust is compliant

More from The Key

The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence.