GDPR - The data protection time bomb in schools
The new GDPR regulations are intended to strengthen and unify the safety and security of all data held within an organisation. It will bring new demands and challenges that will impact school resources and ultimately finances.
As the ‘data controller’, schools are required to observe various principles when processing personal data. Whilst almost all current data protection regulations will remain, there will be significant changes. This will transform the way schools handle data and data breaches, ultimately changing the way they approach and manage information. Failure to demonstrate GDPR compliance can result in huge fines and other penalties.
The key changes under GDPR that schools need to be aware of, and prepare for, include:
- Greater focus on accountability – schools must be able to demonstrate compliance
- Compulsory to have a data protection officer (DPO)
- Mandatory to report data breaches within 72 hours
- Third party data processors must be GDPR compliant, it will be a criminal offence to work with suppliers that do not comply
As with most things in life, preparation is the key!
Here at Link2ICT, we looked for ways to support schools and academies to prepare for the challenge of the new General Data Protection Regulations coming into force in May 2018.
We can help schools with the following:
- GDPRiS – cloud-based Data Protection software developed specifically for the education sector
- Training courses – ensure your staff are up-to-date with GDPR requirements
- Consultancy – bespoke support to meet your school’s needs in complying with GDPR
Link2ICT, in partnership with GDPRiS, are here to help schools along the journey to GDPR compliance and beyond!
If you would like support with GDPR, or more information about GDPRiS, contact your Account Manager today.
What is GDPRiS?
GDPRiS is a highly secure, cloud-based tool designed to reflect existing processes and the way schools work, whilst pro-actively prompting them to meet and exceed the new General Data Protection Regulations. GDPRiS has been designed with schools in mind, and has been made as simple and intuitive as possible, ensuring it is easy to use and making it an invaluable tool for schools looking to achieve full GDPR compliance. The best of the best is combined in GDPRiS, it documents data flows, mapping and audit of all personal data, and prompts the use of Self Assessment Questionnaires (SAQs). It will guide ALL school staff to a new level of data protection understanding.
Link2ICT can provide the latest guidance and up-to-date information through our ongoing training programme, tailored to meet the needs of schools and academies when it comes to complying with the new GDPR requirements.
We run "GDPR - Data Protection for Senior Leaders" in Birmingham and Stafford, and new for the summer term “GDPR – Data Protection for Network Managers and IT Technicians”, an essential course for all key decision makers in school to find out about and discuss key differences between the current Data Protection Act 1998 and the new GDPR that will require schools and academies to make changes to the way they collect, process and manage personal data.
GDPR Timeline for schools
Keep track of what you should have done, should be doing and when, with this handy GDPR timeline infographic.