General Data Protection Regulation GDPR
GDPR - Solutions for Schools
Manage all aspects of GDPR including a Data Audit, Privacy Notices, Data Protections Policies, Subject Access Requests (SARs) and data breaches.
Are you prepared for GDPR?
The Data Protection Bill was announced in the Queen’s Speech on 21 June 2017.
The bill will replace the Data Protection Act 1998 with a new law that provides a comprehensive and modern framework for data protection in the UK.
The GDPR applies in the UK from 25 May 2018. The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR
The new legislation is the biggest change in data privacy legislation in 20 years. Although the Information Commissioner (the UK Data Protection Regulator) has stated it is an 'evolution' ... not a revolution' of our current data protection laws, it places additional burdens on schools including an overhaul of existing practices for handling personal data about pupils, parents/guardians and employees to ensure compliance.
Steps to take to become GDPR compliant
1. Ensure senior management understand the significance and impact of GDPR on your school, and seek their support and direction on how to prepare for the changes.
2. Carry out an Data Mapping Audit to identify and record what personal data you hold, where; who you share it with; how long you keep it for and what your lawful basis is for processing it.
3. Inform employees and other key people that the law has changed and deliver needs based GDPR training to them.
4. Review, update or create policies and procedures which reflect the GDPR changes. particularly in relation to data breach investigation and reporting; privacy notices, obtaining and managing consent and handling requests from individuals exercising their rights.
5. Appoint a Data Protection Officer. This person must have expert knowledge of data protection law and practices and be able to fulfil the tasks set out in Article 39 of the GDPR. This person can be an employee or an external contractor.
GDPR - Our solutions for schools, academies and MATs
- Provide telephone advice and guidance on GDPR compliance
- Review and advise on privacy policies, procedures and documentation relating to the processing of personal data
- Monitor compliance with the GDPR using GDPRiS toolset
- Review and advise on the necessity of a data protection impact assessment (DPIA)
- Provide guidance on data breach monitoring, management and reporting
- Provide advice and guidance on how to respond to privacy rights requests from individuals (information, access, rectification, objection, erasure, right to data portability)
- Provide advice on staff GDPR awareness training
Price: £800 Primary £1,000 Secondary
20% discount available for MATs
Note: When purchasing the SLA you will need to buy into the GDPRiS Cloud Platform package which includes technical support.
Designed to help schools meet and exceed the new GDPR regulations.
Can be purchased as standalone.
The cost includes a half-day training course for your Data Protection Officer (DPO)/Data Lead. They must attend in order to access the GDPRiS Platform.
Price: Starting from £312 up to £972 dependent on size of school
Contact our GDPR Lead - Donna Holloway to discuss your requirementsEmail Donna