Next year, the current Data Protection Act (DPA) will be replaced by new General Data Protection Regulation (GDPR). The changes take effect on 25th May 2018 and at this point there will be an even greater emphasis placed on data protection that will change the way information is managed within your school.
The tighter regulations will place additional responsibility on schools to safeguard the information they hold. The rules are related to what information is stored, and how it is stored, similar to the original DPA although the new rules are more stringent. Depending on your current infrastructure, the changes may require investment in software but it may be possible to achieve compliance without a major outlay.
We recommend a full information audit which will help you understand what actions you need to take to ensure that you don’t breach the rules. Along with providing some stricter guidelines, the GDPR also carries some significant penalties for any organisation that breaches the new rules so it’s worth making sure you meet the requirements. You may find that you’re already operating within the guidelines, or some minor adjustments can bring the school in line.
However, that initial audit goes, it’s worth knowing what you need to do before you’re at the point of incurring penalties. We can help you look at your current practices, policies and software and help you develop a plan of action – and if required, a budget for technical investment – to ensure that when the GDPR comes into force in May next year, your school will already be meeting the new standards.