GDPR IN SCHOOLS

GDPR sits closely next to any IT system. Where your organisation and the security of its data is concerned, CITL make a conscious effort to ensure that you are aware of your responsibilities and we too are acting in accordance with the regulation.

When recommending a system or implementing a solution for example, we will analyse its suitability be ensuring it is secure by design. For GDPR management, we also team up with partners who are able to provide you with specialist support - so reach out to us to see if we can help you with this.

PII

Personally Identifiable Information - This can be data relating to an individual or data that allows that individual to be identified (directly or indirectly). Examples include: Names, Photos, Email addresses, Bank Details etc,

Lawful Processing

You must have a legal basis for processing any personal data and also have the user’s consent . Remember, children aged 13 and above have a legal right to issue or withdraw consent!

Data Storage and Processing

Have you ensured that your data is stored securely? Where is it held? Are the systems you utilise GDPR compliant? Your accounts are only as good as the passwords and authentication methods set up on them - have your users been trained in why a strong password is so important? Encryption, TLS, Anti Virus and Cyber Security are all absolutely essential to ensuring your compliance with GDPR.

CITL GDPR Poster

Want a free GDPR & You compliance poster for your staffroom? Email info@citl.co.uk to request one today

Help!

If you want to ensure that you comply with GDPR it's best to consult with experts. We've helped countless schools get their policies and practices in line with GDPR so we understand the rules, the justifications required and the things that you are legally responsible for ensuring change. 

The best starting advice we can give, if you're going to get GDPR compliant without expert consultancy, is to audit all of the data that the school holds by speaking to each department about what data they have, how they got it, where they store it and why they use it. 

OUR GDPR STATEMENT

Loading... Updating page...