UK GDPR

UK General Data Protection regulations

​

(for subscribers only) 

CBICT’s Data Protection Governance Framework  This section gives access to our resources (e.g. Subject Access Request template policy; Data Breach Policy template and more…).

​

CBICT General information

GDPR Overview brief outline of what GDPR is and how it affects schools

​

Frequently Asked Questions about GDPR and its application to schools

​

​

Government/DfE Documents

​

Data Protection in schools (published Feb 2023) -  this toolkit will help school staff, governors and trustees to:

• understand how to comply with data protection law

• develop their data policies and processes

• know what staff and pupil data to keep

• follow good practices for preventing personal data breaches

 

 

Information Sharing advice for safeguarding practitioners

 

Other useful DfE GDPR resources

​

• GDPR Guidance for Schools (video)

• GDPR Readiness: Focus on Catering

•  Twelve steps to take now, or twelve steps to take later?

• Talking with Staff on GDPR

• Social care – The Eight Caldecott Principles – information governance (& data sharing) in health and care systems

 

​​NCSC

National Cyber Security Centre (NCSC) – Advice & Guidance for Education – access information on a range of topics associated with schools:

​

• Practical resources to help schools improve their cybersecurity

• How to stay secure online

• Early Years Practitioners – using cyber security to protect your settings

• Video conferencing services – using them securely

• Home learning – advice for parents and carers

• Home learning technology - securing tools for remote education

 

Cyber Tools for UK schools! – NCSC’s free Web Check and Mail Check services can help protect schools from cyber attacks

 

Cyber Security in Schools: Questions for governors and trustees - to help improve schools’ understanding of their cyber security risks 

​

Good practice with passwords – great advice for managing passwords effectively

 

• Guidance for home working – preparing your organisation and staff

 

 

Information Commissioner’s Office (ICO)

​

ICO’s Guidance on GDPR 

​

Specific links:

ICO Guidance for Educational Establishments - where you can find specific guidance on the following:

•  Exam results

• Lesson plans for teachers

• Subject Access requests

• Accessing official information

• Accessing pupils’ information

• Taking photos in schools

 

Installing CCTV – considerations before you start and how to manage

 

ICO Audit Reports

Findings from ICO’s consensual audits of 11MATs (sept 2018-Oct 2019)
“To support the MATs work, we looked at a good size sample of schools and their performance of subject access requests (SARs). This again intends to help educators understand the rules around this sometimes misunderstood activity and support improved performance”.

 

Findings from ICO reviews of subject access request handling within educational establishments (Nov 2020)

​