The solution What Does GDPR for Schools solution DO?
At GDPR Systems we have designed our GDPR for Schools solution to make it easy for schools to record all the staff, breachable assets and types of personal data. The GDPR solution ties the staff, to the data and locations, it also includes the lawful basis for using and processing the data. Therefore should the school ever need to evidence their commitment and proof of personal data security it is available from the system. Most of all there are specific customised GDPR policies and procedures produced by the GDPR for Schools solution.
Key features of GDPR for Schools
- School information
- Breachable assets
- Policies for GDPR
- Procedures for GDPR
- GDPR Reports
The solution GDPR for Schools supports schools with this task of identifying and implementing GDPR within the school environment. Schools face various unique challenges in understanding the GDPR as their key data is based on children.
GDPR for Schools Questions
Should a Data Protection Officer be appointed?
This means that a school should consider whether they match one of the 3 criteria that the GDPR says requires a Data Protection Officer. These are if the school;
- is a public authority (except for courts acting in their judicial capacity);
- carries out large-scale systematic monitoring of individuals (for example, online behaviour tracking); or
- carries out large-scale processing of special categories of data or data relating to criminal convictions and offences.
Schools that are part of an academy group and think there is a need for a Data Protection Officer could look at employing a Data Protection Officer as a group. Whatever the school decides, it is clear that the safety and security of children’s personal data that schools are responsible for is of paramount importance.
Identifying Systems that Contain Personal Data
The systems that are already in place within the school hold vast quantities of data. Remember not all of them hold personally identifiable data. The identification of personally identifiable data within a schools network of computers is not an easy task. When approaching this task it is easier to talk to departments as a whole. This is due to people only knowing about the data within their area of expertise. Appreciate personal data can be held on a post-it note, or in an excel spreadsheet, or as in one example, we foundpersonally identifiable dat stuck on the wall of the reception where a staff list was hung with all the contact details of each member of staff.