{slider DfE Planning Guide for Early Years and Childcare Settings (DfE published 24.5.20)}
https://www.gov.uk/government/publications/preparing-for-the-wider-opening-of-early-years-and-childcare-settings-from-1-june/planning-guide-for-early-years-and-childcare-settings
Contents:
Prepare the premises
Prepare to implement practical measures to reduce risk
Review staffing for availability
Agree a protocol for responding to a suspect
Adapted from: The Irish Data Protection Commissioner
The GDPR does not prescribe the exact process for carrying out a DPIA beyond the minimum features outlined above, allowing for flexibility and scalability in line with your organisation’s needs. Although there is no one prescribed approach to take, the following steps can guide you through the process:
We have added publication scheme model templates in the FOI Best Practice area for academies as well as maintained schools.
Difference between the High Level and Detailed Publication Scheme
Some of you may have seen in the press the long-running legal dispute of Various Claimants vs Morrisons, which after starting in the High Court in 2017 has finally seen a ruling issued by the Supreme Court.
The Government has provided some guidance on the avoidance of disinformation online.
https://sharechecklist.gov.uk/
What is disinformation?
Disinformation is the deliberate creation or dissemination of false and/or manipulated information
In light of recent ICO reprimands to schools it is important schools remember best practice for managing photos. The formal legal warnings issued by the ICO recently to schools both related to the processing of photos where no consent had been given.
At times like these, we often hear that "data protection goes out of the window" or "safeguarding and public safety trumps GDPR". In fact, though there are incredible pressures on everyone, data protection has never been more important. It's not something to be overlooked as we all start processing data in new and different ways.
The National Fraud Intelligence Bureau has so far identified 21 reports of fraud where coronavirus was mentioned since February 2020 with victims' losses so far totalling more than £800,000 in a month.
It is fair to say that the speed at which Coronavirus has spread and affected everybody has been a bit of a shock. There wasn’t a precedent for this and the UK is facing the most significant lockdown since the second world war. The words Keep Calm and Carry On has acquired new relevance in 2020.
Experts at the National Cyber Security Centre have revealed criminal phishing attacks are exploiting worries over COVID-19
The National Cyber Security Centre which operates as part of GCHQ and created to keep the UK safe only has revealed that a range of ‘phishing’ attempts have been seen in several countries
We've just published two new drip-feeds for printing off a circulating to staff on recognising and responding to subject access requests.
The Data Protection Officer (DPO) can provide support in many areas but are you aware of what we do help with?
There are some more well-known areas of data protection that we would be called upon to advise such as subject access requests and breaches but DPO’s don’t only provide advice and support when things go wrong,
Updated operational guidance has been produced by Public Health England for local commissioners and schools on running the national child measurement programme (NCMP)
You may have seen the announcement in the news about the ICO fine for British Airways "Following an extensive investigation the ICO has issued a notice of its intention to fine British Airways £183.39M for infringements of the General Data Protection Regulation
Please ensure that you register DPE as your DPO with the Information Commissioner's Office. To do so:
To add a Data Protection Officer (DPO) email This email address is being protected from spambots. You need JavaScript enabled to view it. with the subject line ‘Add a DPO’ and include:
One year on, and it's clear that data protection is not going away.
This year, while we haven't seen significant fines (apart from the measly €50M fine for Google), there has been plenty of regulatory action and enforcement decisions will come across all sectors. Don't make the mistake of thinking that GDPR is done.
We've released version 1 of the Compliance Manager tool.
What is it?
The Compliance Manager allows you to assign any document to staff and enable the following interactions
or
I have given consentAny standard document type can be uploaded and interactions selected. Then select the users to assign the document too and a date by which the users should have responded.
The French data protection regulator, the CNIL has issued their first GPDR fine. And it has landed on Google for the sum of €50million, the largest seen yet under GDPR.
The breaches of GDPR were two-fold.
From the Information Commissioner's Office blog:
A former headteacher has been fined in court for unlawfully obtaining school children’s personal data from previous schools where he worked.
A belated Happy New Year from Data Protection Education.
We wanted to let you know that the initial tranche of new tools and content will be available on the Knowledge Bank from Monday 14th January.
This will include the following tools:
Despite user frustrations that often result in poor passwords being used, passwords remain a key defence against unauthorised access to systems and personal data. And although the GDPR does not give prescriptive guidance on passwords, it does require organisations to implement technological and organisational measures to show they have considered and integrated data protection into their data processing activities.
Read on... and make use of the additional resources and train