Information security and data protection are important issues for schools, colleges and other organisations. It is important that policies and practices around managing personal data are clear and well understood.
The EU General Data Protection Regulation (GDPR) and the UK Data Protection Act (DPA) set out the data protection rules, modernising the previous rules.
GDPR changes how organisations (including schools and colleges) can process (i.e. handle) information relating to data subjects (including children, parents, staff). Data subjects also have a wider set of rights and controls over their information.
Advice and Guidance
Advice and guidance to help schools and colleges better manage personal data
Understand GDPR
Understand your obligations and the rights of data subjects
Data Protection Guidance Downloads
Our data protection resources provide advice and guidance to help schools and colleges better manage personal data, and should be used alongside the policies and practices already in place.
The resources do not constitute legal advice, and each school or college should seek their own legal advice when considering the management of personal data in alignment with GDPR and DPA.
Personal Data Management
Advice and Guidance for Schools and Colleges on how to manage and protect data to be GDPR compliant
Questions from the Governing Board/Trustees/Directors
This document is designed to support governors/trustees/directors of schools / colleges in the UK with the Data Protection changes brought about by the EU General Data Protection Regulation or GDPR
