- Latest NewsUp-to-date articles giving you information on best practice and policy changes.
- Model PoliciesA comprehensive set of templates for each statutory school policy and document.
- Skills AuditsEvaluate your skills and knowledge, identify gaps and determine training needs.
Data protection
Whether you are storing staff or pupil data, or answering requests for information on the data you hold, you must do it lawfully. Ensure data management and processing is compliant with data protection law with the resources below.
-
The Freedom of Information Act allows anyone to request information without giving a reason. Download the template to explain how FOI requests are handled in your setting
-
All schools are required to have a policy on data protection. Use our data protection model policy to tailor a document that meets the needs of your setting
-
Schools can use this template to ensure their single central record (SCR) is up-to-date and efficient
-
Download and adapt the skills audit for data protection officers to ensure your setting is compliant with the GDPR
-
Under the GDPR you are required to explain your legal grounds when answering a SAR. Lisa Griffin describes what is involved in receiving a right to access request
-
Responding to a subject access request can be time, energy and resource consuming. We have six ways to help ease the burden
-
Many DPOs face resistance when introducing a new email retention and destruction process. Julia Sandford-Cooke suggests strategies for overcoming colleagues’ reluctance to delete their emails
-
The retention and destruction of records is subject to various statutory requirements. Download the template to state how your school or setting keeps and destroys different types of records
-
Conducting a data compliance check or learning walk can seem a daunting prospect for data protection officers. Dai Durbridge shares his top tips
-
Good record keeping is essential to keep files secure, up to date and to protect pupils. Follow this best practice for keeping, storing and destroying safeguarding files