Stephen Mitchell

GDPR for School Leaders

The clock is ticking, and the new GDPR regulations come into force in May next year.

There is much scaremongering going on at the moment online about GDPR and it seems that more suppliers, by the day, are lining up to sell you services to ensure you comply with the regulations.

I don’t believe all the hype.  I attended a presentation recently where someone was saying that this was such a significant burden, and that schools weren’t qualified to deal with the changes.  Piffle!

I’ve done a lot of research into what GDPR means for our Trust, and I’m not scared.  Yes, there’s a lot of work, but it just needs working through.  For me, GDPR means 3 things:

  • You need to know what data your organisation processes, and how
  • You need to revisit the whole issue of consent again
  • and its a real opportunity to make your organisation more efficient and following best practice guidelines.

I’ve prepared a template for mapping what data your schools currently hold, and process.  Click this link to access the template Free of Charge.  Schools GDPR Data Mapping template

I’ll be uploading other documents in the coming days too, including:

  • Guidelines on how to carry out your data audit
  • Data Privacy Notices
  • Consent procedures
  • Subject Access Request Forms
  • Job Descriptions for Data Protection Officers
  • Privacy Impact Assessment Record
  • How to get Privacy by Design into the way your school works
  • Internal Breach Register

Please let me know if you find these helpful, and contact me with anything else you’d like to see.