Information security and data protection are important issues for schools, MATs, colleges and other organisations. It is important that policies and practices around managing personal data are clear and well understood.
The EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 set out the data protection rules relating to the processing of personal data.
The GDPR defines how organisations (including schools, MATs and colleges) can store, use and send information relating to data subjects (including children, parents, staff).
Advice and Guidance
Advice and guidance to help schools, MATs and colleges better manage personal data
Understand the GDPR
Simplified summaries to help schools understand their obligations and the rights of data subjects
Data Protection Guidance
The SWGfL GDPR Guidance provides advice and guidance to help schools, MATs and colleges better manage personal data, and should be used alongside policies and practices already in place.
It is intended to assist schools, MATs and colleges with understanding the GDPR and with identifying steps that can be taken to improve data protection; it is not intended to provide legal advice and schools, MATs and colleges should seek their own legal advice when considering the management of Personal Data in alignment with the GDPR and the Data Protection Act 2018.
Data Protection Resources
Access the SWGfL GDPR Guidance using the links below.
Data Protection Products and Services
360data
Data security and policy self-review tool
SSL Certificates
TLS/SSL Certificates for schools from Certificate Authority QuoVadis
Ransomware White Paper October 2018
This document provides an overview of the guidance from SWGfL and signposts to products and services that can help. Published October 2016
Cloud Data Backup
Cloud Data Backup using Azure Backup Service
