This is a must course for all key decision makers in school to find out about and discuss key differences between the current Data Protection Act 1998 and the new GDPR that will require schools and academies to make some changes to the way they collect, process and manage personal data. The role of data protection officer, which is compulsory under the GDPR, will be explored and resources provided to help support gathering information on how establishments currently process personal information, including advice for good practice moving forward in line with GDPR compliance.
Areas such as technology use and IT infrastructure in relation to processing and storing personal data will be explored along with staff day to day common practice. Raising awareness amongst staff and refining practice will form an essential part of preparing an establishment for the GDPR requirements.
Current data protection policies and practices will need to be reviewed and updated in order to be compliant with the GDPR from 25th May 2018. Accountability and governance is a big part of the changes and establishments will need to provide evidence on how they are complicating with the GDPR. Ofsted have been involved in the past with the ICO in relation to schools and non-compliance of the Data Protection Act 1998 and therefore assume that this will continue to be so under the GDPR requirements. None compliance of the GDPR could result in heavy financial penalties being paid.
This course will enable you to:
- Better understand the changes the GDPR will bring and what this means for your school - take back practical advice for compliance; taking action now to prepare for 25th May 2018;
- Create an action plan and begin an information assets audit;
- Support existing self-assessment and record management procedures and practice;
- Identify risks and make sure that appropriate mitigation are in place;
- Ensure that reasonable measures have been taken to protect data.
This course is suitable for headteachers, senior leaders and senior information risk owner (SIRO)/data protection officer and school business managers