The General Data Protection Regulation (GDPR) was ratified in 2016 by the European Union (EU) to strengthen citizens' fundamental rights in the digital age and facilitate business by simplifying rules for organisations in the online digital age.
We are holding 2 training sessions in September to brief school staff members in preparation for GDPR. These will be facilitated by Remora, an independent consultancy specialising in cyber security. Remora apply their expertise in firms and organisations to help assess business-wide cyber and data security risk to create mitigation strategies.
The main points of the latest EU GDPR draft include:
- personal data is the property of the person;
- personal data is electronic, paper, file notes, fingerprints, CCTV…….
- very specific consent is required to use personal data;
- a person can request a copy of all personal data within 30 days;
- that copy must be in transportable format;
- a person can request erasure of all personal data;
- failure to comply will attract potentially seriously punitive penalties;
- failure to protect personal data is a breach of GDPR;
- privacy needs to be built into all systems and processes.
The training will make GDPR an operational reality in your school by:
- coaching you on data security policy;
- guiding you to create/update your data retention and disposal policy;
- assisting you with definition of a Governance framework with appropriate policies;
- creating your Response Plan: breach identification, resource mobilization, and appropriate disclosure;
- define an operational implementation plan.
Further reading
For further information please contact: Michael Welton – Traded Services Manager and Principal Education Welfare Officer
Telephone: 020 8489 2441 Mobile: 07792 437567