• GDPR News

News & views on all things GDPR

“Miss, what’s GDPR? Is it a new exam board?” That question might have raised a chuckle back in 2018, when GDPR first arrived with its bundle of acronyms, policy updates, and general sense of urgency. But here we are in 2025, seven years on and the UK GDPR is no longer the new kid on […]

It’s that time of year again. The corridors are quieter. The library’s full. Revision guides multiply like gremlins. Students are hunched over past papers, and you’ve lost count of how many times you’ve said, “Just do your best.” Exam season: the annual rite of stress, snacks, and sharp-tipped pencils. We know the drill. We also […]

In today’s hyperconnected world, it’s not uncommon for children to be more tech-savvy than the adults around them. But behind every cute dance video or viral meme lies a sophisticated system of data collection and recommendation algorithms, Many of which are now under scrutiny. Recently, the UK’s Information Commissioner’s Office (ICO) launched formal investigations into […]

GDPR Sentry can help you fill the knowledge gap

As cyber threats escalate across all sectors, UK schools have become increasingly frequent targets. From ransomware attacks that cripple entire networks to phishing campaigns aimed at staff and suppliers, the education sector is now considered a prime target for cybercriminals. According to the UK’s National Cyber Security Centre (NCSC), the volume and sophistication of attacks […]

Imagine you’re sat in the staffroom, half-eaten biscuit in one hand, half-finished student spreadsheet on the screen. You scroll down a list of names, notes, and numbers, some of which, to your horror, date back to the year David Cameron was still Prime Minister. You mutter to yourself, Why do we still have this data? […]

12 Months, 30+ Enhancements, and One Seriously Upgraded System – Here’s Sentry’s Year in Review Over the past year, we’ve been busy building, refining, and supercharging your system with over 30 significant improvements, each one designed to make your experience more powerful, more intuitive, and, dare we say, a little more enjoyable. Whether you’ve spotted […]

There’s something unmistakable in the air when an inspection is on the horizon. You can feel the hum of preparation in every corridor; policies being printed, classroom displays getting a refresh, and colleagues exchanging knowing glances over the photocopier. It’s all hands-on deck, and every detail matters. But as walls are re-pinned and cupboards reorganised, […]

It’s not every day you hear about global privacy treaties in the staffroom. Between lesson plans, playground duties, and wondering why the photocopier only jams when you’re in a hurry, international data agreements don’t always make it onto the radar. But every now and then, something big happens that’s worth pausing for and, Global CAPE […]

You’ve probably heard it by now, EdTech is booming. From lesson-planning AI to real-time behaviour tracking, schools across the UK are embracing technology faster than ever. Whether it’s a new learning app or a full-blown Management Information System (MIS), the promise is the same: smarter classrooms, less admin, and happier teachers. But here’s the thing, […]

Let’s face it, school leaders today wear a lot of hats. One minute, you’re supporting staff wellbeing; the next, you’re signing off on an EdTech contract, responding to a Subject Access Request, or checking if the new Wi-Fi rollout has encryption (whatever that means, right?). In today’s increasingly digital world, two terms often crop up: […]

If you’ve ever opened your inbox and seen a message from a parent asking for “all the information you hold on my child,” your first thought was probably: “Subject Access Request!” But hold on — not every request for pupil information automatically falls under the UK GDPR. Sometimes, it’s actually a request under education regulations, […]

Over the past 12 months, we’ve been busy behind the scenes, rolling out exciting new features, fine-tuning your favourite tools, and delivering enhancements that make your day-to-day work a little bit smoother (and a lot more efficient). Whether it’s a shiny new module or subtle improvements to existing systems, we’ve been listening to your feedback […]

It’s that time of year again. The weather’s warming up (at least in theory), the final exam papers are piling up in the staffroom, and the Year 11s, full of nervous energy, optimism, and just a hint of mischief, are preparing to say their goodbyes. It’s the season of leavers’ assemblies, nostalgic slide shows, and […]

As public bodies, UK schools are increasingly in the spotlight when it comes to transparency. Freedom of Information (FOI) requests are a key legal mechanism for parents, campaigners, and the media to access information about how schools operate but they’re also on the rise, especially around exams, assessments, and decision-making processes. For school administrators and […]

There’s a certain kind of email that arrives in a school inbox that immediately raises eyebrows. It starts with something like: “Exciting news! We’re trialling new biometric scanners in the canteen to speed up lunch queues!” It’s followed by promises of efficiency, reduced lunch line chaos, and fewer forgotten PINs. On the surface, it sounds […]

It’s opening night. The school hall smells faintly of paint and paper mâché. There’s a Year 5 pupil with a cardboard crown that’s just a little too large for their head, nervously adjusting their costume backstage. Parents are streaming in, phones at the ready, clinging to the best seats like it’s Glastonbury. You’ve made it […]

Picture this: You’re clearing out a dusty old cupboard in the staffroom and stumble across a stack of paper files labelled “Year 11 – 2009”. A mix of test scores, behavioural logs, and, oddly, a permission slip for a trip to Alton Towers. Your first thought? How did this survive the last clear-out? Your second? […]

It’s a typical Tuesday morning in the staffroom. Someone’s burnt their toast, the last tea bag has mysteriously vanished, and your inbox flashes up with a reminder: “Mandatory GDPR Refresher – 20 minutes.” There’s a quiet groan. Not because anyone doubts its importance but because, for many, data protection training sits firmly in the category […]

We’re Back! It’s 2022, and with a new year comes new opportunities to look at the world through a data protection lens. To kick things off, News has broken Facebook’s parent company Meta is threatening to cut off its main consumer services like Facebook and Instagram from customers in the EU.   Unlike last year’s […]

Last week, a news article popped up. “UK to overhaul privacy rules”. Naturally, it piqued some interest. The UK debated revoking the GDPR before they finished implementing it. By the time the GDPR came into effect in 2018, several years had passed since the UK announced its intention to leave the EU. However, we have […]

It seems we are slowly marching towards “freedom day”, when the Prime Minister announces the removal of the restrictions that have covered almost every aspect of our day-to-day. However, Covid cases are on the rise again. With numbers as high as they were in Autumn 2020, We are all hoping the link between rising case […]

For today’s post, we’re taking a quick dive into the murky depths of Subject Access Requests. Imagine this scenario. One of your students, staff members, or anyone you might have information about is standing at the front desk, and they’re asking for all of their data. What do you do? What happens next? For many […]

Here’s a good news story to kick off the new month…   The GDPR has provided a whole new framework for data protection, a framework that is centred around an individual’s right to privacy rather than an organisation’s desire for data. Your rights are now stronger and clearer, and organisations must safeguard data and be […]

  In schools, responsibility surrounding children’s mental health and wellbeing is clearly documented. Legislation such as the 1989 Children’s Act, and guidance such as “Keeping Children Safe in Education,” set out responsibilities of staff and governors. Furthermore, it is made abundantly clear that data protection concerns should not prevent action from being taken to support […]

  We’ve reached a new checkpoint in Boris’s Covid roadmap. Yesterday, non-essential shops reopened, and many flocked to their local pub to enjoy a pint outside. For many, yesterday also marked their first day back in the office. While teaching staff have been back for a few weeks now, for others the full time return to the […]

  When you purchase a product or use a service, at some point you will probably receive a feedback form. It’s almost an inevitability. It might be a form that arrives on email, or an irritating pop-up in an app. Recently, if you use a smart speaker you may get a notification which proceeds to […]

Last week, a global hacking campaign targeted Microsoft Exchange servers, and compromised hundreds of UK companies. It was estimated that more than 500 email servers in the UK were hacked, alongside many more across the world. Attackers used newly discovered vulnerabilities in the software to gain access to data, or to install ransomware. Ransomware can […]

Sentry has been designed for schools

Last Month, The U.K. Commissioner for Public Appointments posted an advertisement for a new Information Commissioner. Current Commissioner Elizabeth Denham announced previously that she was leaving her post in October, having overseen the UK’s transition to new data protection laws.   Whoever is hired will be stepping into quite a sizable pair of shoes. Data protection complaints doubled in 2018/19, from around 21,000 to […]

In the second instalment of our Emerging Tech series, we look at the development of commercial genetic testing, and the data protection implications of widespread genetic screening.     “Customers who are genetically similar to you consume 60mg more caffeine a day than average.”  “You are not likely to be a sprinter/power athlete”  “Customers like you […]

WhatsApp have spent the last month putting out self-inflicted fires. After a disastrous announcement of changes to their terms of service, the company have been scrambling to convince users to stick with the app. However, even with delayed implementation of the new terms of services, and hundreds of reassurances, their PR nightmare has prompted many […]

GDPR Sentry can help you fill the knowledge gap

Anyone involved in last year’s exam grade saga probably harbours a level of resentment against algorithms.  The government formula was designed to standardise grades across the country. Instead, it affected students disproportionately, raising grades for students in smaller classes and more affluent areas. Conversely, students in poorer performing schools had their grades reduced, based on past grades from previous […]

Today is Data Protection Day. It’s not on the front page of the papers, but you might see a little notification on the bottom of the Google Homepage. In 2007, the Council of Europe designated January 28th Data Protection Day (or Data Privacy Day in other parts of the world), to highlight the importance of […]

It has now been over a year since Chinese authorities reported the first case of Covid-19 to the World Health Organisation. This year has brought tragedy for the many people who have lost loved ones. It’s also brought difficulties for all, with restrictions on our daily life that haven’t been seen since the 1940s. Mental […]

It has been a year of chaos. The Oxford English Dictionary usually nominate one word as ‘Word of the Year’. This year, there has been so much change that they couldn’t narrow it down to just one. “Covid-19, Lockdown, Anti-Maskers, Unmute” Not to forget “Bushfire” when millions of acres of Australian bushland burnt at the […]

The EU-US Privacy shield, a framework designed by the U.S. Department of Commerce, and the European commission, has been struck down by the European Court of Justice (ECJ). The framework, approved by the EU in 2016, has been at the centre of several international discussions for the last few years. The program allowed companies to […]

With more than 3,000 cases of the new coronavirus confirmed, Italy has announced that it will be shutting all schools for 10 days, to slow the spread of the disease. With cases beginning to increase in the UK, the possibility of similar action being taken here is also increasing. Most students, teachers and lecturers are […]

Last week, the University of East Anglia (UEA) paid out over £140,000 compensation to students affected by a 2017 data breach. An email containing information on personal issues, health problems and circumstances such as bereavement, was mistakenly sent to 300 UEA students. The email contained sensitive personal data of over 190 people. UEA reported that […]

Last week’s post briefly touched on how technological advances are providing new data protection challenges. Earlier this month, the 2020 Consumer Electronics Show (CES) showed the world the new smart devices we can expect to see filtering through the markets soon. There were many companion robots on show. For instance, Bellabot (a robot cat waiter […]

We don’t usually comment on cybersecurity stories but the breaking news of the issues at Travelex (as reported by the BBC) made me think about the potential loss of access to critical information in an educational setting.  From the information available ransomware has been placed in the Travelex system, forcing the company to shut down its’ online […]

The UK government has not had a fantastic start to the year. The New Year’s honours list, a list of individuals receiving awards on New Year’s Day, was mistakenly posted with personal contact details of over a thousand people. While the document was only available for around an hour, many notable—and often controversial—figures had their […]

The time has come. Tinsel is up, chestnuts are roasting, and Santa is preparing his “Naughty or Nice list”. However, in this time of tradition, should we be thinking of the new data protection laws? Is St Nick in breach of the GDPR? Well, he might be. Having a list of all the boys and […]

A report published last week by career focused social network LinkedIn, identified the “Emerging Jobs” of 2020 in the UK. The report, which can be found here, looks at the roles that are experiencing significant growth. At number one is “Artificial Intelligence Specialist”, confirming that this field is expanding out of the academic realm and […]

While the Christmas holidays are tantalisingly close, many schools are struggling with the norovirus outbreak that is sweeping across the country. It got us thinking about the way that winter can leave us feeling washed out, both physically and mentally and how that could have an impact on more than just the mood at work. […]

When you talk about data protection all day, every day, it’s easy to assume that everyone else does the same. Some of the terms and names used when referring to the new GDPR are not as clearly defined as they could be. So, this week we are looking at the role of a ‘data processor’ […]

…(and can be costly too!)   GDPR is not normally associated with parties, but recently I heard the end of a conversation about an office Christmas party and it set me thinking about the impact that a misplaced sentence can have. Friendships and working relationships can be badly damaged, in some cases, irreparable. If I […]

Being as clear as mud when it comes to Data Protection A key principle of data protection is transparency. You must be upfront about what you plan to do with personal data. A failure to be transparent has recently brought the Department for Education into the Information Commissioner’s Office’s sights. Information from the annual census […]

Are you facing the same GDPR problems as most? We asked a number of both Data Protection Officers and GDPR Leads in Education what the most common GDPR problems they come across are, interestingly, most of the answers were the same, so we thought we would put together a list of GDPR problems and some […]

Wednesday 23rd October 2019 Following on from our latest update last week, ‘How Brexit will affect GDPR’, as always with Brexit, there is another twist in the tail. In the increasing febrile corridors of Westminster, the latest set of proposals for an orderly Brexit offer a crumb of comfort from the perspective of data protection […]

With the ‘Harry2’ story recently hitting the headlines, we ask, how far do Schools really need to take data protection? Newhey Community Primary School have branded Harry Szlatoszlavek with a number 2 as his surname, so they can differentiate between him and another boy with the same first name. The Rochdale based Primary School says […]

Among the political turmoil as we approach the deadline of the 31st October for leaving the European Union, data protection is now being mentioned. Some schools have received guidance about actions that may need to be taken. The essentials of the situation are these. Despite us having gone to considerable effort to implement GDPR and […]

Documenting Data Breaches Why paper and spreadsheets may not be enough… A Breach Scenario You’ve experienced a breach where information was sent to the wrong person. During the investigation it became clear that the person whose data was breached was aware of it happening. You took the actions that seemed appropriate and decided that it […]

data breaches

Data Breaches Happen How will you deal with one?   Breaches come in many shapes, sizes, and severities. It’s critical to recognise that an integrity breach with a single inaccurate word can be as serious as a classic confidentiality breach. Part of your training for all staff needs to be about recognising when a data […]

Summer Updates! With our brand, we didn’t want to completely change the GDPR Sentry our customers know and love, so we made some minor improvements instead, and wanted to share them with you! Can you spot any new features on our website? As well as website changes, our technical team have also been busy making […]

DPO

Since 2017, Schools, Trusts and Colleges have been bombarded with stories about the requirements and risks of failing to comply with GDPR. The mass of information around the internet can seem daunting even overwhelming, but we are here to help you on your journey to compliance. Any schools in state sector, including local authority nursery […]

With so much confusion and little understanding around GDPR, we were always expecting some interesting headlines. This week, The BBC reported how a local authority in Sweden incurred a large fine, after trialling facial recognition on students to keep track of attendance. The Swedish Data Protection Authority (DPA) fined Skelleftea Municipality  200,000 Swedish Krona (£16,800) […]

Sentry matches the requirements of the ICO

It’s now less than four months until enforcement of the GDPR begins. You’d imagine that every now knows about the regulation even if they’re not totally clear about the impact. On Tuesday of this week (24th January), the Department for Digital, Culture, Media and Sport released some preliminary results from Cyber Security Breaches Survey. With […]

On Wednesday 17th January, the Data Protection Bill completed its journey through the House of Lords and headed back to the Commons. This means it’s heading toward the last stages before it becomes law. Over the last few weeks I’ve been asked several times what the difference is between the Bill and the GDPR, also […]

Happy New Year! Welcome in the GDPR You know what it’s like, the New Year celebrations are done and its back the realities of work. Part of that reality for 2018 is the enforcement of the GDPR that starts on the 25th May. You’re probably familiar with the basics, but just in case here is […]

Get the training you need with GDPR Sentry services

Among all the questions about the impact of the GDPR, it’s interesting to see another perspective on concerns about personal data. This comes from consumers in the USA, a country with some mixed attitudes toward privacy in general. From a survey conducted in September 2017, PWC have produced a report for their Consumer Intelligence Series […]

Mention the UK and the EU right now you’ll almost certainly hear about Brexit.  Organisations pondering life outside of the EU may be forgiven for not being totally up to date with the details of the GDPR. Take a journey back in time with me to 1963. Britain was trying to get into the six […]

GDPR Sentry can help you fill the knowledge gap

The DPO, or Data Protection Officer, is a role that has been discussed at length as the GDPR has moved from concept to reality. The DPO is responsible for: Informing the organisation on its GDPR obligations Monitoring that compliance Being the first point of contact for employees and supervisory authorities Training Staff Conducting audits and […]

This is a question that many people are asking. With high profile breaches making the news, will the ICO care about schools? Let’s just return the statistics about breaches. In 2017/18, around 3,300 breaches were serious enough to have to be reported to the ICO. Of these more than 350 came from Education and Childcare. […]

Get GDPR News Straight To Your Inbox!