14th May 2018
How ready is your school's IT department for the GDPR?
Is Your School GDPR Ready?
The Switch2IT team is as passionate about data privacy as it is about supporting young people and the local Sussex, Hampshire, Surrey and Kent communities. Last month we contributed £1000 to the Worthing ITU trust fund and £250 to Place2Be, the leading national children's mental health charity which aims to make an impact in schools. We also know the importance of getting school IT suites and departments up to the General Data Protection Regulation (GDPR) level because compliance is not a choice but good ongoing best practice is.
There are several things that schools in Sussex and beyond will have to consider before it is out with the Data Protection Act (DPA) and in with the GDPR on 25 May. While these are only some pointers to get you off the starting line, we are here to breakdown what is what so you can make a good active move towards demonstrating your compliance:
List all personal data that your schools collects
First, personal data is defined as any of the following: name, job title, address, email address, photographs, IP address, location data, online behaviour i.e. cookies, and analytics data. Second, one of the GDPR’s main concerns is with the record keeping of consent with regard to storing and using personal data. If you know how, where, when and why you gathered each piece of data you hold, you will be better equipped when it comes to needing a record of processing when a request, for example, a change or deletion of data occurs.
Update all data collection forms and data processing agreements to comply
Whenever you collect personal data from individuals – whether it’s from parents, guardians, children or contractors – you will need to provide basic information, as in your record of processing and your data protection statement. Remember the simple, but very important point, of consent now meaning people have to opt-in with an affirmative check box rather than opt-out. You will also need to have any external organisations you deal with, such as the company you outsource your school IT support to, sign a data processing agreement so that you cover all bases.
Make sure your staff members are aware of GDPR
Another key point is that your entire staff – from caretakers and office workers to teachers and teaching assistants – are familiar with the new GDPR and know how their personal data should be dealt with and how they should deal with that of others. In most cases, depending on the size of your school, you will need to appoint a data protection officer or someone who focusses on and “owns” GDPR should anyone exercise their data rights. These new rights include: the right to access; the right to rectification; the right to erasure; the right to restrict processing; the right to object to processing; the right to data portability; the right to complain to a supervisory authority; and the right to withdraw consent. According to the Information Commissioner’s Office (ICO), most complaints arise because people do not feel their requests, such as a copy of personal data, are met.
But it’s not all doom and gloom, this new controversial regulation will bring a number of benefits to SMEs, including independent schools and academies, for example:
- Build parent trust
- Improve reputation
- Improve data protection for all
- Improve IT security
With all that in mind, are you all set or would you like to call Switch2IT for a helping hand?
Switch2IT Technical Support For Schools
Whether you are an independent school based in Chichester or Dartford or an academy based in Brighton or Guildford, Switch2IT is here to offer technical support for everything from the GDPR change over to an IT networking overhaul and ongoing managed service contracts to one-off IT project management.
29th May 2019
Why crypto currency is less of a cyber security risk than you think
Bitcoin or Bust? In Defence of Crypto Currency The rise of bitcoin has certainly put the cat amongst the pigeons in the world of finance (and cyber security). Once mocked as a flash in the pan, crypto currency is now a major player in the money markets, with “blockchain” the new word on everyone’s lips. Unsurprisingly, certain ...Read More >
30th April 2019
Do you know your AI from your Automation?
Do you know your AI from your Automation? In these nervous times, few terms have gained more traction than “Artificial Intelligence”. Often misunderstood, automation has come a long way from the realms of science fiction stories, embedding itself into our everyday lives and alleviating the burden of many mundane tasks at work. Did you...Read More >
29th March 2019
It is time to get tough with the big boys over data privacy
It’s time to get tough with the “big boys” over data privacy You know the feeling. You have just installed or upgraded a piece of software and the first thing you are met with is a long, tedious “privacy agreement.” Does anyone have the time or inclination to sit and read every line of this sleep-inducing tome? Not us...Read More >
20th February 2019
Are tech giants doing enough to serve their communities?
Are Tech Giants Doing Enough to Serve Communities They’ve Transformed? It is one of the great debates of our times. To what extent should giant tech companies take the ethical lead and fulfil their tax paying obligations? Indeed, the Switch2IT team has been quick to call out the “big boys” on a range of issues where they have not...Read More >