What is GDPR? And how will it affect OUR school?
As of the 25th May 2018 the way we manage all information and data within our school will change. The current DPA (Data Protection Act) will be replaced by the GDPR (General Data Protection Regulation); a new updated procedure designed to keep sensitive information safer than ever. So, let’s take a deeper look into what the updated GDPR includes, and how it will affect us...
What is the DPA (Data Protection Act)?
The Data Protection Act, passed in 1998, was designed and introduced to protect the privacy of individuals. The DPA requires that any personal information about an individual is processed securely and confidentially.
In school terms, the DPA applies to information relating to staff, students and even parents. How you obtain, store and share any information relating to individuals is extremely important as this data can often be sensitive. It’s also important to make clear to an individual how you plan to use any information about them.
What does the DPA do?
The sensitive information that is held by schools is often easily accessed via computerised databases. Due to the easy accessibility of this information, there is a chance it could end up in the wrong hands. This is where the DPA comes in.
By ensuring that all data is obtained, managed and shared securely, schools can prevent any information about students, staff and parents being used in an illicit manner.
What is the GDPR (General Data Protection Regulation)?
The GDPR is simply a new, updated data protection regulation to be followed by schools and other organisations. The new regulation has been designed to further strengthen the safety and security of data that is held by an organisation.
The GDPR has been introduced to ensure further that personal data is protected.
What does the GDPR Include?
The GDPR follows 6 key principles…
Article 5 of the GDPR requires that personal data shall be:
St Paul's is working hard to ensure that we are compliant at all times with the GDPR and will be compliant by the deadline of 25th May 2018.
More information including our new policy will be uploaded here.
This website is fully compliant with GDPR regulations 2018.
If you have any questions about the GDP and how it will affect us at St Paul's please speak to Mrs Morteo, Mr Gascoigne, Mrs Frowen or Mr Wilson who will be happy to help!
As of the 25th May 2018 the way we manage all information and data within our school will change. The current DPA (Data Protection Act) will be replaced by the GDPR (General Data Protection Regulation); a new updated procedure designed to keep sensitive information safer than ever. So, let’s take a deeper look into what the updated GDPR includes, and how it will affect us...
What is the DPA (Data Protection Act)?
The Data Protection Act, passed in 1998, was designed and introduced to protect the privacy of individuals. The DPA requires that any personal information about an individual is processed securely and confidentially.
In school terms, the DPA applies to information relating to staff, students and even parents. How you obtain, store and share any information relating to individuals is extremely important as this data can often be sensitive. It’s also important to make clear to an individual how you plan to use any information about them.
What does the DPA do?
The sensitive information that is held by schools is often easily accessed via computerised databases. Due to the easy accessibility of this information, there is a chance it could end up in the wrong hands. This is where the DPA comes in.
By ensuring that all data is obtained, managed and shared securely, schools can prevent any information about students, staff and parents being used in an illicit manner.
What is the GDPR (General Data Protection Regulation)?
The GDPR is simply a new, updated data protection regulation to be followed by schools and other organisations. The new regulation has been designed to further strengthen the safety and security of data that is held by an organisation.
The GDPR has been introduced to ensure further that personal data is protected.
- It strengthens the rights of ordinary people like us, giving us back the power and control over our personal data and how it is used by those schools and other organisations to whom we provide it.
- It ensures that responsibility for protecting that data lies with the schools and other organisations who process it.
What does the GDPR Include?
The GDPR follows 6 key principles…
Article 5 of the GDPR requires that personal data shall be:
- Processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
- Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’);
- Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
- Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’);
- Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
St Paul's is working hard to ensure that we are compliant at all times with the GDPR and will be compliant by the deadline of 25th May 2018.
More information including our new policy will be uploaded here.
This website is fully compliant with GDPR regulations 2018.
If you have any questions about the GDP and how it will affect us at St Paul's please speak to Mrs Morteo, Mr Gascoigne, Mrs Frowen or Mr Wilson who will be happy to help!