An introduction to GDPR
The General Data Protection Regulation (GDPR) started in May 2018. The new regulation is about protecting people in the modern information age. It gives more control to individuals and more responsibilities to organisation which collect and hold your data. We have put together some information to help you understand the changes being made to data protection by the Government, how it affects school and everybody connected with those schools.
Park Academy’s GDPR Policies are listed below:
DATA PROTECTION OFFICER
The Data Protection Officer is responsible for overseeing data protection within the academy so if you do have any questions in this regard, please do not hesitate to contact them on the information below:
Judicium Consulting Limited
72 Cannon Street, London EC4N 6AE Email: firstname.lastname@example.org Tel: 0203 326 9174 Web: www.judiciumeducation.co.uk
Schools handle a large amount of personal data. This includes information on students, such as grades, medical information, images and much more. School also hold data on staff, governors, volunteers and job applicants. Schools will also handle what the GDPR refers to as special category data, which is subject to tighter controls. This could be details on race, ethnic origin, biometric data or trade union membership.
The data is already governed by existing DPA regulations, which ensure personal data is handled lawfully. However, the new GDPR has gone further and requires organisations to document how and why they process all personal data, and gives enhanced rights to the individual.
The changes made by the school to comply with GDPR
Schools already had strict data protection policies and had kept data secure and used it appropriately, but with GDPR there is even better security and greater transparency.
In many areas consent is not needed as school have a duty to keep children safe and deliver a high standard of education. However, where consent is needed you will be asked for it in a clear manner and allowed to remove it, if you wish.
The data held in school
|Student Education||Student Medical Data|
|Parent Data||Special Needs|
|Safeguarding Data||School Meals Data|
|Staff Employment Data||Staff Health Data|
|Contracts with Suppliers||CCTV|
The School Governing Body
- Takes the lead
- Holds the school accountable
- Provides assurance
- The Data Protection Officer answers to the Governing Body and the Principal
It is important that you know your rights but remember some rights are overridden by the necessity of key school functions.
- Right to be informed. To know what, how where, and for how long your data is used.
- Right of access. To be able to see and know what data is being held.
- Right to rectification. To fix any errors in the data held.
- Right to erasure. To choose to have the data erased.
- Right to restrict processing. To stop data being used for certain purposes.
- Right to data portability. To move a copy of the data elsewhere.
- Right to object. To complain about how your data is used.
- Rights related to automated decision making and profiling.
- UK Regulator – Information Commissioner’s Office (ICO)
Further information can be found on their website www.ico.org.uk