Data protection in schools and other education settings

During the Covid-19 pandemic, much of the focus has been on shoring up existing delivery and, where possible, extending arrangements if it is not possible to re-procure.
Data protection in schools and other education settings
You will hold many types of personal information about your staff, pupils, alumni and third parties with whom you engage. Ensuring that you and your staff understand your duties and obligations as guardians of this data is an essential part of any successful education setting.
The Data Protection Act 1998 has been superseded by the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, which took effect in May 2018. This new regime has revolutionised data protection law and information rights, acting as a catalyst for a new culture of privacy that you must embed within your school, academy, or organisation through effective policies and procedures.
“The use of data across our sector and beyond has developed significantly in recent years. And so it is right that the law, processes and skill sets associated with being effective guardians of children’s data are brought up to date and fit for the modern era….If our sector is to be entrusted to hold sensitive data about children across the country and exploit the benefits modern data technologies enable us, then they are both to be welcomed.”
Neil McIvor, Chief Data Officer, Department for Education
Our team’s understanding of how the new regime impacts the education sector allows us to work closely with schools, academies, and other education providers to help them manage their data protection compliance programmes. We can guide you on data protection and how to handle and share information to ensure compliance with the new regime.
The GDPR states that you must make sure the information you hold is:
There is stronger legal protection for more sensitive information, such as:
There are additional safeguards for personal data relating to criminal convictions and offences.
Under the new regime, everyone has the right to find out what information you hold about them. These include the right to:
Our team of experts can help to guide you through this regulatory maze, advising you on the best approach for capturing, handling and sharing information within your organisation so that you don’t fall short of your obligations. We can help you identify risks that could result in data breaches, penalties and reputational damage, and put plans in place to mitigate and manage them if they happen.
We advise schools, academies, and education providers on all areas of data protection and information law compliance, as well as providing guidance on freedom of expression, privacy, reputation and information rights generally. We can help you with the following:
For more information about data protection for schools, academies, colleges and universities, please contact Peter Coe.
Anthony Collins Solicitors has supported us through the thorny area of data protection and subject access requests. They've provided excellent support and guidance, reassuring staff and helping us to meet our legal obligations with confidence.Jo Baker, Head of Operations, Diocese of Coventry Multi Academy Trust.
I've had my eyes opened to a range of data protection situations where I needed to tighten up my procedures. Thank you, it was very helpful.Training course attendee.
call the service specialist on 0121 214 3710
As a teacher, or a professional working in the education sector, there are multiple issues that you may face. Whilst we do offer advice about educating children from a variety of backgrounds in a safe and caring environment, we also offer advice to you as an individual. We understand that the pressures and numerous challenges facing those in charge are not always classroom based.
Education is one of our core sectors. This allows us to combine our specialist subject knowledge and experiences with our personal approach to individual cases. Our clients tell us that the service they receive from us is unique, and we believe this comes directly from our commitment to the purpose of our firm: 'to improve lives, communities and society’.
To understand more about how we can help you as an individual click here.
During the Covid-19 pandemic, much of the focus has been on shoring up existing delivery and, where possible, extending arrangements if it is not possible to re-procure.
Covid-19 has resulted, on the whole, in a marked co-operation between contracting authorities and their suppliers as everybody focuses on maintaining delivery as far as possible.
The Johnny Depp -v- News Group Newspapers trial concluded last week and has been widely publicised and reported on around the World.
The Supreme Court has allowed two appeals concerning 'vicarious liability', providing helpful clarity for claims of this kind and seemingly reining in the scope of such claims.
There has been a huge rise in the use of video conferencing and online messaging services while we are at home due to the Covid-19 related lockdown.
Several myths are circulating the relaxation of data protection rules and compliance. We can help clarify these myths.
The UK Information Commissioner’s Office (ICO) has recently made some noteworthy changes to its guidance around data subject access requests (DSARs).
On 8 July, news broke of the staggering fine of more than £183m the ICO intended to levy against British Airways as a result of a hack that took place in 2018, compromising 500,000 customers' data.
A recent High Court decision could have repercussions for our clients who communicate via social media group accounts but don’t actually compose some or all of the messages the organisation posts.
In October 2018, it was reported that Heathrow Airport Ltd had been fined £120,000 by the Information Commissioner’s Office (ICO) for failing to keep personal data secure.
To receive invitations to our events, as well as information and articles on legal issues and sector developments that are of interest to you, please sign up to Newsroom.