What is GDPR?
GDPR stands for General Data Protection Regulation. It has been developed by the European Parliament, with the aim of strengthening and standardising data protection laws for individuals within the European Union.
It is designed to simplify and unify data protection laws across all countries in the EU (including UK even after Brexit).
The regulation is enforceable from 25 May 2018, at which point businesses need to ensure they are fully compliant.
What data is covered by GDPR?
GDPR applies to ‘personal data’ and ‘sensitive personal data’, but not to ‘business data’;
Peraonal Data is any information that allows a person to be directly or indirectly identified. The obvious fields of “personal data” are names and identity numbers, but factors such as location and online identifiers (e.g. jame.smith@school.com) also count under the ICO definition.
Our Commitment to GDPR
Data is very important to our school. It has therefore always been essential that our data is both accurate and sensitively handled in accordance with best practice.
Schools by their very nature process a lot of personal data. This data can be very sensitive in nature, detailing medical as well as other aspects such as attainment and performance. Our main driver in terms of data security is the interest of the data subject, the person about whom we hold data. Schools are no different to other institutions and must make sure that policies and procedures are created and adhered to. They also have the responsibility to train and support staff in applying data security practices.
All schools must have policies and procedures to inform staff what to do. One of the statutory policies is a Data Protection Policy. Schools also must publish Privacy notices for both parents and the workforce detailing what information they store and who they have approved to process the data. All schools will also have an Online Safety Policy that will give guidance as to how staff will use technology and this will be linked to an Acceptable User Policy (AUP).
At Herne View Church of England Primary the following people have key responsibility for data protection:
Data Protection Lead – Claire Oaten, Headteacher
Data Protection Officer – Amy Brittain (County Council)
Data Protection Governor Lead – Guy Adams, Chair of Governors
Should you have any concerns regarding data protection please speak to the school office who will forward these to the Data Protection Lead.
Links
GDPR Documents:
- CCTV Policy Herne View Church of England Primary School July 2022
- Data Asset Audit Herne View Church of England Primary 2022
- FoI Publication Scheme and Explanatory Note 2021 Herne View Church of England Primary School July 2022
- PRIVACY NOTICE Maintained Governors Herne View Church of England Primary
- PRIVACY NOTICE Maintained Pupil Parent Herne View Church of England Primary
- PRIVACY NOTICE Maintained Recruitment Herne View Church of England Primary
- PRIVACY NOTICE Maintained Volunteer Herne View Church of England Primary School
- PRIVACY NOTICE Maintained Workforce Herne View Church of England Primary
- Parent and Carer Acceptable User Policy for pupils use of technology and the internet.docx
- Technical Security Policy Herne View Church of England Primary July 2022
- eLIM - Model Data Protection and FOI Policy September 2022 Herne View
