Data Protection Audit for Schools (GDPR) 2018-01-15T17:20:11+00:00

GDPR Audit for Schools

GDPR for schools data protection audit

Is your school ‘GDPR-ready’ with its data governance?

How well do you understand your data flows? Do you know where your information is kept, and who has access to it? Do you know when to keep information, when to share it, and how to share it securely? Could you easily track down and collate all the information you hold about a member of your school community? All of these questions, and many more besides, will soon be asked of you by the new General Data Protection Regulations (GDPR).

GDPR is, at its heart, an updating of the original data protection principles to make them fit for a more integrated digital age. It is also a shift to ensure that you put the rights of the data owner – your learners and colleagues – at the heart of your data governance practices. Individuals will retain full rights over their personal data, and you must ensure that you only process that data in ways that are fair and lawful.

Good data governance really boils down to a series of simple questions, underpinned by well-known data principles. Are you open and honest with your learners about what information you collect about them, why you need it, and who will see it? Do you only use it for those purposes? Is it kept securely, and can people update or remove their details easily? Will you get remove it when you no longer have a valid reason to keep it? That openness and honesty should be at the centre of your school’s approach to data governance, helping to build a culture of mutual trust and respect.

A Data Protection for Schools Audit from NOS will help identify any areas where your approach to data governance could be improved. It will help you understand where personal data is gathered, stored and used, and highlight any areas for improvement, minimising the chances of data breaches.

Training and awareness for staff, governors and learners will also be covered, so that all members of your school community understand how data protection affects them, and the rights they retain over their personal information. Here’s what’s covered in our Data Protection for Schools Audit:

  • Identifying what data is kept about learners, colleagues and partners

  • Who has access to personal data and how is it tracked

  • Sharing data with 3rd parties – when you can and can’t do it

  • Data security

  • Data transfers

  • Data breaches and how to avoid them

  • Subject access requests

  • Wording consent statements correctly

  • Data retention policies

  • Privacy notices

  • Oversight at management and Board level

  • Roles and responsibilities within your school

  • Advice and guidance for staff

  • Requirements around 3rd party suppliers and partners

Interested? Contact us today to find out more.

Anti Bullying Alliance
Cyber Essentials
The CPD Certification Service
GDPR for Schools Webinar - Limited Spaces AvailableFind Out More