The National Cyber Security Centre, a part of GCHQ, is supporting educational establishments to keep criminals out of their networks after a spike in ransomware attacks. The rise in attacks was recorded in August as cybercriminals turn their attention to a sector focused on the return of students.
Best Practice Update
Do I need consent for emergency contacts?
Actually no, and here's why.
We know that we must have a lawful basis for processing any data, and consent is one of the six lawful bases that can be used.
{slider Department for Education}
Email:
DfE.coronavirushelpline @education.gov.uk
Telephone:
0800 046 8687
Open Mon-Fri from 8am to 6pm and weekends from 10am to 4pm
{slider Guidance for Parents and Carers}
Opening schools to more pupils from the 1 June 2020 (DfE update 11.5.20)
Contents:
Why can more children now attend school? What does the latest scientific advice say? Can my child return to school? What if my child is
{slider DfE Planning Guide for Early Years and Childcare Settings (DfE published 24.5.20)}
https://www.gov.uk/government/publications/preparing-for-the-wider-opening-of-early-years-and-childcare-settings-from-1-june/planning-guide-for-early-years-and-childcare-settings
Contents:
Prepare the premises
Prepare to implement practical measures to reduce risk
Review staffing for availability
Agree a protocol for responding to a suspect
Adapted from: The Irish Data Protection Commissioner
The GDPR does not prescribe the exact process for carrying out a DPIA beyond the minimum features outlined above, allowing for flexibility and scalability in line with your organisation’s needs. Although there is no one prescribed approach to take, the following steps can guide you through the process:
We have added publication scheme model templates in the FOI Best Practice area for academies as well as maintained schools.
Difference between the High Level and Detailed Publication Scheme
In light of recent ICO reprimands to schools it is important schools remember best practice for managing photos. The formal legal warnings issued by the ICO recently to schools both related to the processing of photos where no consent had been given.
We've just published two new drip-feeds for printing off a circulating to staff on recognising and responding to subject access requests.
The Data Protection Officer (DPO) can provide support in many areas but are you aware of what we do help with?
There are some more well-known areas of data protection that we would be called upon to advise such as subject access requests and breaches but DPO’s don’t only provide advice and support when things go wrong,
Updated operational guidance has been produced by Public Health England for local commissioners and schools on running the national child measurement programme (NCMP)
Please ensure that you register DPE as your DPO with the Information Commissioner's Office. To do so:
To add a Data Protection Officer (DPO) email This email address is being protected from spambots. You need JavaScript enabled to view it. with the subject line ‘Add a DPO’ and include:
Despite user frustrations that often result in poor passwords being used, passwords remain a key defence against unauthorised access to systems and personal data. And although the GDPR does not give prescriptive guidance on passwords, it does require organisations to implement technological and organisational measures to show they have considered and integrated data protection into their data processing activities.
Read on... and make use of the additional resources and train
©2023 Data Protection Education Ltd.