Working together to shape Policy, Procedure and Practice
GDPR is coming are you ready?
Under the new General Data Protection Regulation (GDPR), schools will need to appoint a Data Protection Officer (DPO).
Does my school need to appoint a Data Protection Officer? Yes. From May 2018, under GDPR a school must appoint a Data Protection Officer.
What does a DPO do?
In a nutshell, enable and help the school and its staff to comply with the GDPR. The DPO should encourage a ‘data protection culture’ (e.g. data protection by design, the use of data protection impact assessments, ensuring staff understand their data responsibilities, can / do comply with GDPR principles and follow the school’s data protection policy).
The DPO is the first point of contact for all stakeholders with regard to data – highlighting and upholding the principles of data processing, data subjects’ rights, records of processing activities, security of processing, and the notification and communication of data breaches.