GDPR IS A DATA PROTECTION GAME CHANGER SCHOOLS

  • Slides: 10
Download presentation
GDPR IS A DATA PROTECTION GAME CHANGER SCHOOLS’ EXISTING POLICIES WILL REQUIRE A COMPLETE

GDPR IS A DATA PROTECTION GAME CHANGER SCHOOLS’ EXISTING POLICIES WILL REQUIRE A COMPLETE REVAMP COMPLIANCE BRINGS GREATER RESPONSIBILITI ES THERE’S VERY LITTLE TIME TO MAKE YOUR SCHOOL COMPLIANT

What is GDPRi. S • Schools MUST become GDPR compliant by 25 th May

What is GDPRi. S • Schools MUST become GDPR compliant by 25 th May 2018 • GDPRi. S does most of the tasks to achieve compliance • Its an auditing and mapping tool • Designed with Schools, MATS and Local Authorities in mind • It’s a cloud based web platform • Easy to use • Saves a lot of time & money to reach GDPR standards

Suppliers & Data Maps • Holds a directory of suppliers and products (self maintained)

Suppliers & Data Maps • Holds a directory of suppliers and products (self maintained) • Suppliers register for free and are supported through registration • Suppliers complete data maps for all their products • They can update and share as products evolve For products and suppliers not included • Schools can invite suppliers • They can modify data maps for specific requirements

Data Maps Forename Identification Legally required Low Until off roll + 3 Y No

Data Maps Forename Identification Legally required Low Until off roll + 3 Y No cant remove Data maps have fields, each field is defined with • Sensitivity • Legal Justification • Retention

School DPO user, (in school or remote) • Select products from directory for data

School DPO user, (in school or remote) • Select products from directory for data map & compliance documents • ALL staff are loaded into GDPRi. S • Map products to staff • Staff sent SAQ (termly) ** • Report and manage data breaches ** • Manages DP documents & training materials

** Accountability Staff Data Protection Audit Staff accountability statements and training I confirm that

** Accountability Staff Data Protection Audit Staff accountability statements and training I confirm that any device through which I access or store personal data is secured and strongly password protected I confirm that I understand my responsibilities in protecting personal information I confirm that I only store transmit or carry personal data securely and/or in an encrypted form. Have you read the document ‘Green Park guidance to keeping personal data safe’ ? Please suggest improvements Have you been on any DP training courses? Please list them • All staff are reminded of their responsibilities and confirm that they understand • A record is kept of all training

** Manage Data Breaches • Staff report data breaches in the correct manner •

** Manage Data Breaches • Staff report data breaches in the correct manner • DPO manages these with their superiors

Useful Documents ICO’s ‘ 12 Steps to take now’ adapted specifically for schools

Useful Documents ICO’s ‘ 12 Steps to take now’ adapted specifically for schools

Useful Documents…

Useful Documents…

DO SOMETHING ABOUT GDPR NOW!

DO SOMETHING ABOUT GDPR NOW!

GDPR GDPR GDPR The European Commission support forGDPR GDPR GDPR The European Commission support for
GDPR Overview GDPR Overview GDPR Individuals Rights ToGDPR Overview GDPR Overview GDPR Individuals Rights To
General Data Protection Regulation GDPR What is GDPRGeneral Data Protection Regulation GDPR What is GDPR
GDPR 2018 Co je GDPR General Data ProtectionGDPR 2018 Co je GDPR General Data Protection
General Data Protection Regulation GDPR GDPR 25 MayGeneral Data Protection Regulation GDPR GDPR 25 May
General Data Protection Regulation GDPR GDPR is aGeneral Data Protection Regulation GDPR GDPR is a
Data Protection and the GDPR General Data ProtectionData Protection and the GDPR General Data Protection
Data Protection Act 1998 GDPR Data Protection ActData Protection Act 1998 GDPR Data Protection Act
Data Protection Act 1998 GDPR Data Protection ActData Protection Act 1998 GDPR Data Protection Act