“Miss, what’s GDPR? Is it a new exam board?” That question might have raised a chuckle back in 2018, when GDPR first arrived with its bundle of acronyms, policy updates, and general sense of urgency. But here we are in 2025, seven years on and the UK GDPR is no longer the new kid on […]
https://gdprsentry.com/wp-content/uploads/2025/06/Picture1.jpg6461379Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2025-06-02 16:24:462025-06-02 16:24:46Education and UK GDPR in 2025: Seven Years On, Are We Getting It Right?
It’s that time of year again. The corridors are quieter. The library’s full. Revision guides multiply like gremlins. Students are hunched over past papers, and you’ve lost count of how many times you’ve said, “Just do your best.” Exam season: the annual rite of stress, snacks, and sharp-tipped pencils. We know the drill. We also […]
https://gdprsentry.com/wp-content/uploads/2025/05/exam.jpg12072068Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2025-05-12 17:00:112025-05-28 17:40:17“It’s Just Exams” - Until It Isn’t: Mental Health, Exam Stress and What GDPR Really Says About Sharing Student Data
In today’s hyperconnected world, it’s not uncommon for children to be more tech-savvy than the adults around them. But behind every cute dance video or viral meme lies a sophisticated system of data collection and recommendation algorithms, Many of which are now under scrutiny. Recently, the UK’s Information Commissioner’s Office (ICO) launched formal investigations into […]
https://gdprsentry.com/wp-content/uploads/2017/12/details.jpg400400Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2025-03-10 08:33:292025-05-28 17:36:57"Hey Kid, Are You Even Old Enough to Be Here?" - The ICO vs. Big Social
As cyber threats escalate across all sectors, UK schools have become increasingly frequent targets. From ransomware attacks that cripple entire networks to phishing campaigns aimed at staff and suppliers, the education sector is now considered a prime target for cybercriminals. According to the UK’s National Cyber Security Centre (NCSC), the volume and sophistication of attacks […]
https://gdprsentry.com/wp-content/uploads/2018/10/DPO-eye-1.jpg6751000Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2025-01-09 11:30:552025-05-28 17:33:01Cyberattacks on the Rise: What Schools Can Do to Strengthen Digital Resilience
Imagine you’re sat in the staffroom, half-eaten biscuit in one hand, half-finished student spreadsheet on the screen. You scroll down a list of names, notes, and numbers, some of which, to your horror, date back to the year David Cameron was still Prime Minister. You mutter to yourself, Why do we still have this data? […]
https://gdprsentry.com/wp-content/uploads/2021/02/phone.jpg9112068Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2024-11-05 14:40:122025-06-02 10:46:38"Decoding the Data (Use and Access) Bill: What Educators Need to Know"
12 Months, 30+ Enhancements, and One Seriously Upgraded System – Here’s Sentry’s Year in Review Over the past year, we’ve been busy building, refining, and supercharging your system with over 30 significant improvements, each one designed to make your experience more powerful, more intuitive, and, dare we say, a little more enjoyable. Whether you’ve spotted […]
There’s something unmistakable in the air when an inspection is on the horizon. You can feel the hum of preparation in every corridor; policies being printed, classroom displays getting a refresh, and colleagues exchanging knowing glances over the photocopier. It’s all hands-on deck, and every detail matters. But as walls are re-pinned and cupboards reorganised, […]
https://gdprsentry.com/wp-content/uploads/2025/05/classroom.jpg13792068Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2024-08-27 17:13:232025-05-28 17:20:31Wall Displays and Data Delays: Preparing for Inspection Without Breaching GDPR
It’s not every day you hear about global privacy treaties in the staffroom. Between lesson plans, playground duties, and wondering why the photocopier only jams when you’re in a hurry, international data agreements don’t always make it onto the radar. But every now and then, something big happens that’s worth pausing for and, Global CAPE […]
https://gdprsentry.com/wp-content/uploads/2025/05/globe.jpg11632068Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2024-05-14 09:00:052025-05-28 17:13:10Privacy Goes Global: Why the ICO Has Joined the Global CAPE and, Why Educators Should Take Note
You’ve probably heard it by now, EdTech is booming. From lesson-planning AI to real-time behaviour tracking, schools across the UK are embracing technology faster than ever. Whether it’s a new learning app or a full-blown Management Information System (MIS), the promise is the same: smarter classrooms, less admin, and happier teachers. But here’s the thing, […]
https://gdprsentry.com/wp-content/uploads/2025/05/AI.jpg12932068Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2024-02-02 17:03:262025-05-28 17:08:43New Tech, Same Responsibilities: Data Protection in the Age of AI and EdTech
Let’s face it, school leaders today wear a lot of hats. One minute, you’re supporting staff wellbeing; the next, you’re signing off on an EdTech contract, responding to a Subject Access Request, or checking if the new Wi-Fi rollout has encryption (whatever that means, right?). In today’s increasingly digital world, two terms often crop up: […]
https://gdprsentry.com/wp-content/uploads/2019/08/15.png200600Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2023-12-07 16:54:452025-05-28 16:57:58Data Protection vs. Information Security in Schools — Why Both Matter, and How to Get Them Right
If you’ve ever opened your inbox and seen a message from a parent asking for “all the information you hold on my child,” your first thought was probably: “Subject Access Request!” But hold on — not every request for pupil information automatically falls under the UK GDPR. Sometimes, it’s actually a request under education regulations, […]
https://gdprsentry.com/wp-content/uploads/2023/10/folders.jpg17952068Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2023-10-19 08:47:142025-05-28 17:02:17SARs vs School Records: Subject Access or Education Regulations?
Over the past 12 months, we’ve been busy behind the scenes, rolling out exciting new features, fine-tuning your favourite tools, and delivering enhancements that make your day-to-day work a little bit smoother (and a lot more efficient). Whether it’s a shiny new module or subtle improvements to existing systems, we’ve been listening to your feedback […]
It’s that time of year again. The weather’s warming up (at least in theory), the final exam papers are piling up in the staffroom, and the Year 11s, full of nervous energy, optimism, and just a hint of mischief, are preparing to say their goodbyes. It’s the season of leavers’ assemblies, nostalgic slide shows, and […]
https://gdprsentry.com/wp-content/uploads/2025/05/hoodies.jpg9201379Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2023-06-01 16:37:022025-05-28 16:43:15“It’s Not the End of an Era Without a Hoodie”: School Leavers, Traditions and the Truth About GDPR
As public bodies, UK schools are increasingly in the spotlight when it comes to transparency. Freedom of Information (FOI) requests are a key legal mechanism for parents, campaigners, and the media to access information about how schools operate but they’re also on the rise, especially around exams, assessments, and decision-making processes. For school administrators and […]
https://gdprsentry.com/wp-content/uploads/2019/08/Audit-Hero.jpg325400Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2023-04-10 13:30:002025-05-28 16:36:27FOI Requests in Schools: Navigating Transparency and Avoiding Misuse of Exemptions
There’s a certain kind of email that arrives in a school inbox that immediately raises eyebrows. It starts with something like: “Exciting news! We’re trialling new biometric scanners in the canteen to speed up lunch queues!” It’s followed by promises of efficiency, reduced lunch line chaos, and fewer forgotten PINs. On the surface, it sounds […]
https://gdprsentry.com/wp-content/uploads/2023/02/security.jpg10242029Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2023-02-08 12:21:442025-06-02 10:51:01“We’re Getting Fingerprint Scanners!” – Wait… Did Anyone Do a DPIA?
It’s opening night. The school hall smells faintly of paint and paper mâché. There’s a Year 5 pupil with a cardboard crown that’s just a little too large for their head, nervously adjusting their costume backstage. Parents are streaming in, phones at the ready, clinging to the best seats like it’s Glastonbury. You’ve made it […]
https://gdprsentry.com/wp-content/uploads/2025/05/Camera.jpg9801379Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2022-12-01 10:15:452025-05-28 16:19:19Curtain Up, Camera Out: Navigating Photos, Videos and GDPR at the School Play
Picture this: You’re clearing out a dusty old cupboard in the staffroom and stumble across a stack of paper files labelled “Year 11 – 2009”. A mix of test scores, behavioural logs, and, oddly, a permission slip for a trip to Alton Towers. Your first thought? How did this survive the last clear-out? Your second? […]
https://gdprsentry.com/wp-content/uploads/2017/12/dpo-blog.jpg400400Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2022-08-16 16:06:432025-05-28 16:13:51“But Why Do We Still Have That?” - Why Data Retention in Schools Matters More Than You Think
It’s a typical Tuesday morning in the staffroom. Someone’s burnt their toast, the last tea bag has mysteriously vanished, and your inbox flashes up with a reminder: “Mandatory GDPR Refresher – 20 minutes.” There’s a quiet groan. Not because anyone doubts its importance but because, for many, data protection training sits firmly in the category […]
https://gdprsentry.com/wp-content/uploads/2019/09/higher-tile.jpg300400Tanya Taylorhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngTanya Taylor2022-06-25 15:48:472025-05-28 15:58:30“Can I Share That?”: Why Regular GDPR Training Matters in Schools
https://gdprsentry.com/wp-content/uploads/2019/08/7.png200600Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2022-03-29 18:45:342025-06-02 09:45:11A Warm Welcome for the IDTA
We’re Back! It’s 2022, and with a new year comes new opportunities to look at the world through a data protection lens. To kick things off, News has broken Facebook’s parent company Meta is threatening to cut off its main consumer services like Facebook and Instagram from customers in the EU. Unlike last year’s […]
https://gdprsentry.com/wp-content/uploads/2017/11/horiz-graphic1.jpg2001000Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2022-02-22 16:22:412025-06-02 09:47:58Will Meta Cut Off the EU?
Last week, a news article popped up. “UK to overhaul privacy rules”. Naturally, it piqued some interest. The UK debated revoking the GDPR before they finished implementing it. By the time the GDPR came into effect in 2018, several years had passed since the UK announced its intention to leave the EU. However, we have […]
It seems we are slowly marching towards “freedom day”, when the Prime Minister announces the removal of the restrictions that have covered almost every aspect of our day-to-day. However, Covid cases are on the rise again. With numbers as high as they were in Autumn 2020, We are all hoping the link between rising case […]
https://gdprsentry.com/wp-content/uploads/2021/07/health.jpg13792068Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-07-06 09:52:002025-06-02 09:53:11Can I Ask My Employee if They're Vaccinated?
For today’s post, we’re taking a quick dive into the murky depths of Subject Access Requests. Imagine this scenario. One of your students, staff members, or anyone you might have information about is standing at the front desk, and they’re asking for all of their data. What do you do? What happens next? For many […]
Here’s a good news story to kick off the new month… The GDPR has provided a whole new framework for data protection, a framework that is centred around an individual’s right to privacy rather than an organisation’s desire for data. Your rights are now stronger and clearer, and organisations must safeguard data and be […]
In schools, responsibility surrounding children’s mental health and wellbeing is clearly documented. Legislation such as the 1989 Children’s Act, and guidance such as “Keeping Children Safe in Education,” set out responsibilities of staff and governors. Furthermore, it is made abundantly clear that data protection concerns should not prevent action from being taken to support […]
We’ve reached a new checkpoint in Boris’s Covid roadmap. Yesterday, non-essential shops reopened, and many flocked to their local pub to enjoy a pint outside. For many, yesterday also marked their first day back in the office. While teaching staff have been back for a few weeks now, for others the full time return to the […]
https://gdprsentry.com/wp-content/uploads/2019/08/project-support.jpg325400Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-04-13 15:24:482025-06-02 10:08:32Returning to the Office (and the Pub!)
When you purchase a product or use a service, at some point you will probably receive a feedback form. It’s almost an inevitability. It might be a form that arrives on email, or an irritating pop-up in an app. Recently, if you use a smart speaker you may get a notification which proceeds to […]
Last week, a global hacking campaign targeted Microsoft Exchange servers, and compromised hundreds of UK companies. It was estimated that more than 500 email servers in the UK were hacked, alongside many more across the world. Attackers used newly discovered vulnerabilities in the software to gain access to data, or to install ransomware. Ransomware can […]
https://gdprsentry.com/wp-content/uploads/2025/05/AI.jpg12932068Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-03-16 16:27:012025-06-02 10:14:15It's been 'Zero-Days' Since The Last Incident
Last Month, The U.K. Commissioner for Public Appointments posted an advertisement for a new Information Commissioner. Current Commissioner Elizabeth Denham announced previously that she was leaving her post in October, having overseen the UK’s transition to new data protection laws. Whoever is hired will be stepping into quite a sizable pair of shoes. Data protection complaints doubled in 2018/19, from around 21,000 to […]
https://gdprsentry.com/wp-content/uploads/2018/10/made-for-schools.jpg400400Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-03-10 11:52:022025-06-02 10:16:01Who Wants to be an Information Commissioner?
In the second instalment of our Emerging Tech series, we look at the development of commercial genetic testing, and the data protection implications of widespread genetic screening. “Customers who are genetically similar to you consume 60mg more caffeine a day than average.” “You are not likely to be a sprinter/power athlete” “Customers like you […]
WhatsApp have spent the last month putting out self-inflicted fires. After a disastrous announcement of changes to their terms of service, the company have been scrambling to convince users to stick with the app. However, even with delayed implementation of the new terms of services, and hundreds of reassurances, their PR nightmare has prompted many […]
https://gdprsentry.com/wp-content/uploads/2021/02/phone.jpg9112068Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-02-18 12:52:422025-06-02 10:19:31What's the Deal With WhatsApp?
Anyone involved in last year’s exam grade saga probably harbours a level of resentment against algorithms. The government formula was designed to standardise grades across the country. Instead, it affected students disproportionately, raising grades for students in smaller classes and more affluent areas. Conversely, students in poorer performing schools had their grades reduced, based on past grades from previous […]
https://gdprsentry.com/wp-content/uploads/2018/10/eye2eye.jpg6751200Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-02-08 15:45:482025-06-02 10:21:45Bringing Up Baby: Raising Biased AI
Today is Data Protection Day. It’s not on the front page of the papers, but you might see a little notification on the bottom of the Google Homepage. In 2007, the Council of Europe designated January 28th Data Protection Day (or Data Privacy Day in other parts of the world), to highlight the importance of […]
It has now been over a year since Chinese authorities reported the first case of Covid-19 to the World Health Organisation. This year has brought tragedy for the many people who have lost loved ones. It’s also brought difficulties for all, with restrictions on our daily life that haven’t been seen since the 1940s. Mental […]
It has been a year of chaos. The Oxford English Dictionary usually nominate one word as ‘Word of the Year’. This year, there has been so much change that they couldn’t narrow it down to just one. “Covid-19, Lockdown, Anti-Maskers, Unmute” Not to forget “Bushfire” when millions of acres of Australian bushland burnt at the […]
https://gdprsentry.com/wp-content/uploads/2019/12/santa-blog.jpg500500Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2020-11-25 17:37:112025-06-02 10:27:05Christmas Cards Come but Once a Year
The EU-US Privacy shield, a framework designed by the U.S. Department of Commerce, and the European commission, has been struck down by the European Court of Justice (ECJ). The framework, approved by the EU in 2016, has been at the centre of several international discussions for the last few years. The program allowed companies to […]
https://gdprsentry.com/wp-content/uploads/2019/08/5.png200600Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2020-07-16 17:54:392025-06-02 10:35:17The Rise and Fall of the Privacy Shield
With more than 3,000 cases of the new coronavirus confirmed, Italy has announced that it will be shutting all schools for 10 days, to slow the spread of the disease. With cases beginning to increase in the UK, the possibility of similar action being taken here is also increasing. Most students, teachers and lecturers are […]
https://gdprsentry.com/wp-content/uploads/2020/03/home.jpg11482029Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2020-03-05 14:41:282025-06-02 10:43:21Personal Data in the time of Covid-19
Last week, the University of East Anglia (UEA) paid out over £140,000 compensation to students affected by a 2017 data breach. An email containing information on personal issues, health problems and circumstances such as bereavement, was mistakenly sent to 300 UEA students. The email contained sensitive personal data of over 190 people. UEA reported that […]
Last week’s post briefly touched on how technological advances are providing new data protection challenges. Earlier this month, the 2020 Consumer Electronics Show (CES) showed the world the new smart devices we can expect to see filtering through the markets soon. There were many companion robots on show. For instance, Bellabot (a robot cat waiter […]
https://gdprsentry.com/wp-content/uploads/2023/02/security.jpg10242029Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2020-01-22 13:57:152025-06-02 10:53:46Do Students Dream of Electric Teachers?
We don’t usually comment on cybersecurity stories but the breaking news of the issues at Travelex (as reported by the BBC) made me think about the potential loss of access to critical information in an educational setting. From the information available ransomware has been placed in the Travelex system, forcing the company to shut down its’ online […]
https://gdprsentry.com/wp-content/uploads/2019/08/15.png200600Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2020-01-09 17:17:442025-06-02 10:56:11Your Organisation and the Prisoner of Ransomware
The UK government has not had a fantastic start to the year. The New Year’s honours list, a list of individuals receiving awards on New Year’s Day, was mistakenly posted with personal contact details of over a thousand people. While the document was only available for around an hour, many notable—and often controversial—figures had their […]
The time has come. Tinsel is up, chestnuts are roasting, and Santa is preparing his “Naughty or Nice list”. However, in this time of tradition, should we be thinking of the new data protection laws? Is St Nick in breach of the GDPR? Well, he might be. Having a list of all the boys and […]
A report published last week by career focused social network LinkedIn, identified the “Emerging Jobs” of 2020 in the UK. The report, which can be found here, looks at the roles that are experiencing significant growth. At number one is “Artificial Intelligence Specialist”, confirming that this field is expanding out of the academic realm and […]
https://gdprsentry.com/wp-content/uploads/2025/05/AI.jpg12932068Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2019-12-19 12:39:572025-06-02 11:08:05AI in Education: A Brave New World?
While the Christmas holidays are tantalisingly close, many schools are struggling with the norovirus outbreak that is sweeping across the country. It got us thinking about the way that winter can leave us feeling washed out, both physically and mentally and how that could have an impact on more than just the mood at work. […]
https://gdprsentry.com/wp-content/uploads/2019/12/tired.jpg10242029Kelly Worrallhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngKelly Worrall2019-12-10 14:08:082025-06-02 11:12:46How to avoid the winter blues…
When you talk about data protection all day, every day, it’s easy to assume that everyone else does the same. Some of the terms and names used when referring to the new GDPR are not as clearly defined as they could be. So, this week we are looking at the role of a ‘data processor’ […]
…(and can be costly too!) GDPR is not normally associated with parties, but recently I heard the end of a conversation about an office Christmas party and it set me thinking about the impact that a misplaced sentence can have. Friendships and working relationships can be badly damaged, in some cases, irreparable. If I […]
Being as clear as mud when it comes to Data Protection A key principle of data protection is transparency. You must be upfront about what you plan to do with personal data. A failure to be transparent has recently brought the Department for Education into the Information Commissioner’s Office’s sights. Information from the annual census […]
https://gdprsentry.com/wp-content/uploads/2019/11/Picture10.jpg298590Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2019-11-15 10:26:452025-06-02 11:23:32How the Department for Education ran into trouble with the ICO
Are you facing the same GDPR problems as most? We asked a number of both Data Protection Officers and GDPR Leads in Education what the most common GDPR problems they come across are, interestingly, most of the answers were the same, so we thought we would put together a list of GDPR problems and some […]
https://gdprsentry.com/wp-content/uploads/2023/10/folders.jpg17952068Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2019-10-29 20:56:042025-06-02 11:25:17GDPR Problems Most People Are Facing
Wednesday 23rd October 2019 Following on from our latest update last week, ‘How Brexit will affect GDPR’, as always with Brexit, there is another twist in the tail. In the increasing febrile corridors of Westminster, the latest set of proposals for an orderly Brexit offer a crumb of comfort from the perspective of data protection […]
https://gdprsentry.com/wp-content/uploads/2019/10/Brexit-GDPR-Copy-e1571672021789.jpg200200Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2019-10-21 16:31:152019-11-29 14:31:36The latest position of Brexit and GDPR…
With the ‘Harry2’ story recently hitting the headlines, we ask, how far do Schools really need to take data protection? Newhey Community Primary School have branded Harry Szlatoszlavek with a number 2 as his surname, so they can differentiate between him and another boy with the same first name. The Rochdale based Primary School says […]
https://gdprsentry.com/wp-content/uploads/2025/05/hoodies.jpg9201379Kelly Worrallhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngKelly Worrall2019-10-14 11:02:072025-06-02 11:26:17Schoolboy branded ‘Harry2’ to comply with Data Protection
Among the political turmoil as we approach the deadline of the 31st October for leaving the European Union, data protection is now being mentioned. Some schools have received guidance about actions that may need to be taken. The essentials of the situation are these. Despite us having gone to considerable effort to implement GDPR and […]
https://gdprsentry.com/wp-content/uploads/2019/10/Brexit-GDPR-Copy-e1571672021789.jpg200200Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2019-10-07 14:23:332025-06-02 11:27:15Deal or No Deal; How Will Brexit Affect GDPR?
Documenting Data Breaches Why paper and spreadsheets may not be enough… A Breach Scenario You’ve experienced a breach where information was sent to the wrong person. During the investigation it became clear that the person whose data was breached was aware of it happening. You took the actions that seemed appropriate and decided that it […]
Data Breaches Happen How will you deal with one? Breaches come in many shapes, sizes, and severities. It’s critical to recognise that an integrity breach with a single inaccurate word can be as serious as a classic confidentiality breach. Part of your training for all staff needs to be about recognising when a data […]
Summer Updates! With our brand, we didn’t want to completely change the GDPR Sentry our customers know and love, so we made some minor improvements instead, and wanted to share them with you! Can you spot any new features on our website? As well as website changes, our technical team have also been busy making […]
Since 2017, Schools, Trusts and Colleges have been bombarded with stories about the requirements and risks of failing to comply with GDPR. The mass of information around the internet can seem daunting even overwhelming, but we are here to help you on your journey to compliance. Any schools in state sector, including local authority nursery […]
https://gdprsentry.com/wp-content/uploads/2018/10/too-much.png615700Kelly Worrallhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngKelly Worrall2019-08-29 13:43:572019-10-04 12:01:34Appointed DPO? But How much do you really know?
With so much confusion and little understanding around GDPR, we were always expecting some interesting headlines. This week, The BBC reported how a local authority in Sweden incurred a large fine, after trialling facial recognition on students to keep track of attendance. The Swedish Data Protection Authority (DPA) fined Skelleftea Municipality 200,000 Swedish Krona (£16,800) […]
https://gdprsentry.com/wp-content/uploads/2020/03/home.jpg11482029Kelly Worrallhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngKelly Worrall2019-08-29 13:43:302025-06-02 11:30:24Why Schools Should Do Their Homework Too
https://gdprsentry.com/wp-content/uploads/2019/08/checklist.jpg10242029Kelly Worrallhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngKelly Worrall2019-08-29 13:42:452025-06-02 11:33:21New Term, New Data, New Risks?
It’s now less than four months until enforcement of the GDPR begins. You’d imagine that every now knows about the regulation even if they’re not totally clear about the impact. On Tuesday of this week (24th January), the Department for Digital, Culture, Media and Sport released some preliminary results from Cyber Security Breaches Survey. With […]
On Wednesday 17th January, the Data Protection Bill completed its journey through the House of Lords and headed back to the Commons. This means it’s heading toward the last stages before it becomes law. Over the last few weeks I’ve been asked several times what the difference is between the Bill and the GDPR, also […]
https://gdprsentry.com/wp-content/uploads/2019/08/7.png200600Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2018-01-19 10:56:312025-06-02 11:35:34Here comes the Data Protection Bill
Happy New Year! Welcome in the GDPR You know what it’s like, the New Year celebrations are done and its back the realities of work. Part of that reality for 2018 is the enforcement of the GDPR that starts on the 25th May. You’re probably familiar with the basics, but just in case here is […]
https://gdprsentry.com/wp-content/uploads/2018/01/2019-new.jpg378806Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2018-01-04 15:34:102019-10-04 14:15:00Happy New Year
Among all the questions about the impact of the GDPR, it’s interesting to see another perspective on concerns about personal data. This comes from consumers in the USA, a country with some mixed attitudes toward privacy in general. From a survey conducted in September 2017, PWC have produced a report for their Consumer Intelligence Series […]
https://gdprsentry.com/wp-content/uploads/2017/12/meeting_square.jpg400400Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2017-12-19 14:59:262017-12-19 15:43:56GDPR Envy: Data protection across the pond
Mention the UK and the EU right now you’ll almost certainly hear about Brexit. Organisations pondering life outside of the EU may be forgiven for not being totally up to date with the details of the GDPR. Take a journey back in time with me to 1963. Britain was trying to get into the six […]
https://gdprsentry.com/wp-content/uploads/2017/12/details.jpg400400Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2017-12-18 10:51:252018-01-04 16:01:11With the GDPR the Devil is in the details
The DPO, or Data Protection Officer, is a role that has been discussed at length as the GDPR has moved from concept to reality. The DPO is responsible for: Informing the organisation on its GDPR obligations Monitoring that compliance Being the first point of contact for employees and supervisory authorities Training Staff Conducting audits and […]
https://gdprsentry.com/wp-content/uploads/2018/10/wheretostart.jpg500500Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2017-12-15 11:39:202019-10-04 12:02:32Should you have a DPO?
This is a question that many people are asking. With high profile breaches making the news, will the ICO care about schools? Let’s just return the statistics about breaches. In 2017/18, around 3,300 breaches were serious enough to have to be reported to the ICO. Of these more than 350 came from Education and Childcare. […]
Education and UK GDPR in 2025: Seven Years On, Are We Getting It Right?
A point of view“Miss, what’s GDPR? Is it a new exam board?” That question might have raised a chuckle back in 2018, when GDPR first arrived with its bundle of acronyms, policy updates, and general sense of urgency. But here we are in 2025, seven years on and the UK GDPR is no longer the new kid on […]
“It’s Just Exams” – Until It Isn’t: Mental Health, Exam Stress and What GDPR Really Says About Sharing Student Data
A point of viewIt’s that time of year again. The corridors are quieter. The library’s full. Revision guides multiply like gremlins. Students are hunched over past papers, and you’ve lost count of how many times you’ve said, “Just do your best.” Exam season: the annual rite of stress, snacks, and sharp-tipped pencils. We know the drill. We also […]
“Hey Kid, Are You Even Old Enough to Be Here?” – The ICO vs. Big Social
A point of viewIn today’s hyperconnected world, it’s not uncommon for children to be more tech-savvy than the adults around them. But behind every cute dance video or viral meme lies a sophisticated system of data collection and recommendation algorithms, Many of which are now under scrutiny. Recently, the UK’s Information Commissioner’s Office (ICO) launched formal investigations into […]
Cyberattacks on the Rise: What Schools Can Do to Strengthen Digital Resilience
A point of viewAs cyber threats escalate across all sectors, UK schools have become increasingly frequent targets. From ransomware attacks that cripple entire networks to phishing campaigns aimed at staff and suppliers, the education sector is now considered a prime target for cybercriminals. According to the UK’s National Cyber Security Centre (NCSC), the volume and sophistication of attacks […]
“Decoding the Data (Use and Access) Bill: What Educators Need to Know”
A point of viewImagine you’re sat in the staffroom, half-eaten biscuit in one hand, half-finished student spreadsheet on the screen. You scroll down a list of names, notes, and numbers, some of which, to your horror, date back to the year David Cameron was still Prime Minister. You mutter to yourself, Why do we still have this data? […]
Sentry System Updates 2024
A point of view12 Months, 30+ Enhancements, and One Seriously Upgraded System – Here’s Sentry’s Year in Review Over the past year, we’ve been busy building, refining, and supercharging your system with over 30 significant improvements, each one designed to make your experience more powerful, more intuitive, and, dare we say, a little more enjoyable. Whether you’ve spotted […]
Wall Displays and Data Delays: Preparing for Inspection Without Breaching GDPR
A point of viewThere’s something unmistakable in the air when an inspection is on the horizon. You can feel the hum of preparation in every corridor; policies being printed, classroom displays getting a refresh, and colleagues exchanging knowing glances over the photocopier. It’s all hands-on deck, and every detail matters. But as walls are re-pinned and cupboards reorganised, […]
Privacy Goes Global: Why the ICO Has Joined the Global CAPE and, Why Educators Should Take Note
A point of viewIt’s not every day you hear about global privacy treaties in the staffroom. Between lesson plans, playground duties, and wondering why the photocopier only jams when you’re in a hurry, international data agreements don’t always make it onto the radar. But every now and then, something big happens that’s worth pausing for and, Global CAPE […]
New Tech, Same Responsibilities: Data Protection in the Age of AI and EdTech
A point of viewYou’ve probably heard it by now, EdTech is booming. From lesson-planning AI to real-time behaviour tracking, schools across the UK are embracing technology faster than ever. Whether it’s a new learning app or a full-blown Management Information System (MIS), the promise is the same: smarter classrooms, less admin, and happier teachers. But here’s the thing, […]
Data Protection vs. Information Security in Schools — Why Both Matter, and How to Get Them Right
A point of viewLet’s face it, school leaders today wear a lot of hats. One minute, you’re supporting staff wellbeing; the next, you’re signing off on an EdTech contract, responding to a Subject Access Request, or checking if the new Wi-Fi rollout has encryption (whatever that means, right?). In today’s increasingly digital world, two terms often crop up: […]
SARs vs School Records: Subject Access or Education Regulations?
A point of viewIf you’ve ever opened your inbox and seen a message from a parent asking for “all the information you hold on my child,” your first thought was probably: “Subject Access Request!” But hold on — not every request for pupil information automatically falls under the UK GDPR. Sometimes, it’s actually a request under education regulations, […]
Sentry System Updates 2023
A point of viewOver the past 12 months, we’ve been busy behind the scenes, rolling out exciting new features, fine-tuning your favourite tools, and delivering enhancements that make your day-to-day work a little bit smoother (and a lot more efficient). Whether it’s a shiny new module or subtle improvements to existing systems, we’ve been listening to your feedback […]
“It’s Not the End of an Era Without a Hoodie”: School Leavers, Traditions and the Truth About GDPR
A point of viewIt’s that time of year again. The weather’s warming up (at least in theory), the final exam papers are piling up in the staffroom, and the Year 11s, full of nervous energy, optimism, and just a hint of mischief, are preparing to say their goodbyes. It’s the season of leavers’ assemblies, nostalgic slide shows, and […]
FOI Requests in Schools: Navigating Transparency and Avoiding Misuse of Exemptions
A point of viewAs public bodies, UK schools are increasingly in the spotlight when it comes to transparency. Freedom of Information (FOI) requests are a key legal mechanism for parents, campaigners, and the media to access information about how schools operate but they’re also on the rise, especially around exams, assessments, and decision-making processes. For school administrators and […]
“We’re Getting Fingerprint Scanners!” – Wait… Did Anyone Do a DPIA?
A point of viewThere’s a certain kind of email that arrives in a school inbox that immediately raises eyebrows. It starts with something like: “Exciting news! We’re trialling new biometric scanners in the canteen to speed up lunch queues!” It’s followed by promises of efficiency, reduced lunch line chaos, and fewer forgotten PINs. On the surface, it sounds […]
Curtain Up, Camera Out: Navigating Photos, Videos and GDPR at the School Play
A point of viewIt’s opening night. The school hall smells faintly of paint and paper mâché. There’s a Year 5 pupil with a cardboard crown that’s just a little too large for their head, nervously adjusting their costume backstage. Parents are streaming in, phones at the ready, clinging to the best seats like it’s Glastonbury. You’ve made it […]
“But Why Do We Still Have That?” – Why Data Retention in Schools Matters More Than You Think
A point of viewPicture this: You’re clearing out a dusty old cupboard in the staffroom and stumble across a stack of paper files labelled “Year 11 – 2009”. A mix of test scores, behavioural logs, and, oddly, a permission slip for a trip to Alton Towers. Your first thought? How did this survive the last clear-out? Your second? […]
“Can I Share That?”: Why Regular GDPR Training Matters in Schools
A point of viewIt’s a typical Tuesday morning in the staffroom. Someone’s burnt their toast, the last tea bag has mysteriously vanished, and your inbox flashes up with a reminder: “Mandatory GDPR Refresher – 20 minutes.” There’s a quiet groan. Not because anyone doubts its importance but because, for many, data protection training sits firmly in the category […]
A Warm Welcome for the IDTA
A point of viewWill Meta Cut Off the EU?
A point of viewWe’re Back! It’s 2022, and with a new year comes new opportunities to look at the world through a data protection lens. To kick things off, News has broken Facebook’s parent company Meta is threatening to cut off its main consumer services like Facebook and Instagram from customers in the EU. Unlike last year’s […]
Privacy Rules: Rumoured Renovations
A point of viewLast week, a news article popped up. “UK to overhaul privacy rules”. Naturally, it piqued some interest. The UK debated revoking the GDPR before they finished implementing it. By the time the GDPR came into effect in 2018, several years had passed since the UK announced its intention to leave the EU. However, we have […]
Can I Ask My Employee if They’re Vaccinated?
A point of viewIt seems we are slowly marching towards “freedom day”, when the Prime Minister announces the removal of the restrictions that have covered almost every aspect of our day-to-day. However, Covid cases are on the rise again. With numbers as high as they were in Autumn 2020, We are all hoping the link between rising case […]
Demystifying SARs: Handling a Subject Access Request
A point of viewFor today’s post, we’re taking a quick dive into the murky depths of Subject Access Requests. Imagine this scenario. One of your students, staff members, or anyone you might have information about is standing at the front desk, and they’re asking for all of their data. What do you do? What happens next? For many […]
GDPR and Climate Change: An Unexpected Benefit
A point of viewHere’s a good news story to kick off the new month… The GDPR has provided a whole new framework for data protection, a framework that is centred around an individual’s right to privacy rather than an organisation’s desire for data. Your rights are now stronger and clearer, and organisations must safeguard data and be […]
Managing Mental Health Concerns in Higher Education
A point of viewIn schools, responsibility surrounding children’s mental health and wellbeing is clearly documented. Legislation such as the 1989 Children’s Act, and guidance such as “Keeping Children Safe in Education,” set out responsibilities of staff and governors. Furthermore, it is made abundantly clear that data protection concerns should not prevent action from being taken to support […]
Returning to the Office (and the Pub!)
A point of viewWe’ve reached a new checkpoint in Boris’s Covid roadmap. Yesterday, non-essential shops reopened, and many flocked to their local pub to enjoy a pint outside. For many, yesterday also marked their first day back in the office. While teaching staff have been back for a few weeks now, for others the full time return to the […]
Understanding Anonymisation
A point of viewWhen you purchase a product or use a service, at some point you will probably receive a feedback form. It’s almost an inevitability. It might be a form that arrives on email, or an irritating pop-up in an app. Recently, if you use a smart speaker you may get a notification which proceeds to […]
It’s been ‘Zero-Days’ Since The Last Incident
A point of viewLast week, a global hacking campaign targeted Microsoft Exchange servers, and compromised hundreds of UK companies. It was estimated that more than 500 email servers in the UK were hacked, alongside many more across the world. Attackers used newly discovered vulnerabilities in the software to gain access to data, or to install ransomware. Ransomware can […]
Who Wants to be an Information Commissioner?
A point of viewLast Month, The U.K. Commissioner for Public Appointments posted an advertisement for a new Information Commissioner. Current Commissioner Elizabeth Denham announced previously that she was leaving her post in October, having overseen the UK’s transition to new data protection laws. Whoever is hired will be stepping into quite a sizable pair of shoes. Data protection complaints doubled in 2018/19, from around 21,000 to […]
GDPR and Genetic Testing
A point of view, Emerging Tech and Data Protection, SeriesIn the second instalment of our Emerging Tech series, we look at the development of commercial genetic testing, and the data protection implications of widespread genetic screening. “Customers who are genetically similar to you consume 60mg more caffeine a day than average.” “You are not likely to be a sprinter/power athlete” “Customers like you […]
What’s the Deal With WhatsApp?
A point of viewWhatsApp have spent the last month putting out self-inflicted fires. After a disastrous announcement of changes to their terms of service, the company have been scrambling to convince users to stick with the app. However, even with delayed implementation of the new terms of services, and hundreds of reassurances, their PR nightmare has prompted many […]
Bringing Up Baby: Raising Biased AI
A point of view, Emerging Tech and Data Protection, SeriesAnyone involved in last year’s exam grade saga probably harbours a level of resentment against algorithms. The government formula was designed to standardise grades across the country. Instead, it affected students disproportionately, raising grades for students in smaller classes and more affluent areas. Conversely, students in poorer performing schools had their grades reduced, based on past grades from previous […]
Data Protection Day: Staying Alert
A point of viewToday is Data Protection Day. It’s not on the front page of the papers, but you might see a little notification on the bottom of the Google Homepage. In 2007, the Council of Europe designated January 28th Data Protection Day (or Data Privacy Day in other parts of the world), to highlight the importance of […]
School, Interrupted: Data Protection and Mental Wellbeing
A point of viewIt has now been over a year since Chinese authorities reported the first case of Covid-19 to the World Health Organisation. This year has brought tragedy for the many people who have lost loved ones. It’s also brought difficulties for all, with restrictions on our daily life that haven’t been seen since the 1940s. Mental […]
Christmas Cards Come but Once a Year
A point of viewIt has been a year of chaos. The Oxford English Dictionary usually nominate one word as ‘Word of the Year’. This year, there has been so much change that they couldn’t narrow it down to just one. “Covid-19, Lockdown, Anti-Maskers, Unmute” Not to forget “Bushfire” when millions of acres of Australian bushland burnt at the […]
The Rise and Fall of the Privacy Shield
A point of viewThe EU-US Privacy shield, a framework designed by the U.S. Department of Commerce, and the European commission, has been struck down by the European Court of Justice (ECJ). The framework, approved by the EU in 2016, has been at the centre of several international discussions for the last few years. The program allowed companies to […]
Personal Data in the time of Covid-19
A point of viewWith more than 3,000 cases of the new coronavirus confirmed, Italy has announced that it will be shutting all schools for 10 days, to slow the spread of the disease. With cases beginning to increase in the UK, the possibility of similar action being taken here is also increasing. Most students, teachers and lecturers are […]
The Misfortunes of Misdirected Emails
A point of viewLast week, the University of East Anglia (UEA) paid out over £140,000 compensation to students affected by a 2017 data breach. An email containing information on personal issues, health problems and circumstances such as bereavement, was mistakenly sent to 300 UEA students. The email contained sensitive personal data of over 190 people. UEA reported that […]
Do Students Dream of Electric Teachers?
A point of viewLast week’s post briefly touched on how technological advances are providing new data protection challenges. Earlier this month, the 2020 Consumer Electronics Show (CES) showed the world the new smart devices we can expect to see filtering through the markets soon. There were many companion robots on show. For instance, Bellabot (a robot cat waiter […]
Your Organisation and the Prisoner of Ransomware
A point of viewWe don’t usually comment on cybersecurity stories but the breaking news of the issues at Travelex (as reported by the BBC) made me think about the potential loss of access to critical information in an educational setting. From the information available ransomware has been placed in the Travelex system, forcing the company to shut down its’ online […]
GDPR New Year’s Resolutions
A point of viewThe UK government has not had a fantastic start to the year. The New Year’s honours list, a list of individuals receiving awards on New Year’s Day, was mistakenly posted with personal contact details of over a thousand people. While the document was only available for around an hour, many notable—and often controversial—figures had their […]
Has GDPR Stolen Christmas?
A point of viewThe time has come. Tinsel is up, chestnuts are roasting, and Santa is preparing his “Naughty or Nice list”. However, in this time of tradition, should we be thinking of the new data protection laws? Is St Nick in breach of the GDPR? Well, he might be. Having a list of all the boys and […]
AI in Education: A Brave New World?
A point of viewA report published last week by career focused social network LinkedIn, identified the “Emerging Jobs” of 2020 in the UK. The report, which can be found here, looks at the roles that are experiencing significant growth. At number one is “Artificial Intelligence Specialist”, confirming that this field is expanding out of the academic realm and […]
How to avoid the winter blues…
A point of viewWhile the Christmas holidays are tantalisingly close, many schools are struggling with the norovirus outbreak that is sweeping across the country. It got us thinking about the way that winter can leave us feeling washed out, both physically and mentally and how that could have an impact on more than just the mood at work. […]
Data Controllers and Data Processors; Who’s who?
A point of viewWhen you talk about data protection all day, every day, it’s easy to assume that everyone else does the same. Some of the terms and names used when referring to the new GDPR are not as clearly defined as they could be. So, this week we are looking at the role of a ‘data processor’ […]
Careless Talk Causes Breaches
A point of view…(and can be costly too!) GDPR is not normally associated with parties, but recently I heard the end of a conversation about an office Christmas party and it set me thinking about the impact that a misplaced sentence can have. Friendships and working relationships can be badly damaged, in some cases, irreparable. If I […]
How the Department for Education ran into trouble with the ICO
A point of viewBeing as clear as mud when it comes to Data Protection A key principle of data protection is transparency. You must be upfront about what you plan to do with personal data. A failure to be transparent has recently brought the Department for Education into the Information Commissioner’s Office’s sights. Information from the annual census […]
GDPR Problems Most People Are Facing
A point of viewAre you facing the same GDPR problems as most? We asked a number of both Data Protection Officers and GDPR Leads in Education what the most common GDPR problems they come across are, interestingly, most of the answers were the same, so we thought we would put together a list of GDPR problems and some […]
The latest position of Brexit and GDPR…
A point of viewWednesday 23rd October 2019 Following on from our latest update last week, ‘How Brexit will affect GDPR’, as always with Brexit, there is another twist in the tail. In the increasing febrile corridors of Westminster, the latest set of proposals for an orderly Brexit offer a crumb of comfort from the perspective of data protection […]
Schoolboy branded ‘Harry2’ to comply with Data Protection
A point of viewWith the ‘Harry2’ story recently hitting the headlines, we ask, how far do Schools really need to take data protection? Newhey Community Primary School have branded Harry Szlatoszlavek with a number 2 as his surname, so they can differentiate between him and another boy with the same first name. The Rochdale based Primary School says […]
Deal or No Deal; How Will Brexit Affect GDPR?
A point of viewAmong the political turmoil as we approach the deadline of the 31st October for leaving the European Union, data protection is now being mentioned. Some schools have received guidance about actions that may need to be taken. The essentials of the situation are these. Despite us having gone to considerable effort to implement GDPR and […]
Documenting Data Breaches
A point of viewDocumenting Data Breaches Why paper and spreadsheets may not be enough… A Breach Scenario You’ve experienced a breach where information was sent to the wrong person. During the investigation it became clear that the person whose data was breached was aware of it happening. You took the actions that seemed appropriate and decided that it […]
Managing Data Breaches
A point of viewData Breaches Happen How will you deal with one? Breaches come in many shapes, sizes, and severities. It’s critical to recognise that an integrity breach with a single inaccurate word can be as serious as a classic confidentiality breach. Part of your training for all staff needs to be about recognising when a data […]
Sentry System – Updates
A point of viewSummer Updates! With our brand, we didn’t want to completely change the GDPR Sentry our customers know and love, so we made some minor improvements instead, and wanted to share them with you! Can you spot any new features on our website? As well as website changes, our technical team have also been busy making […]
Appointed DPO? But How much do you really know?
A point of viewSince 2017, Schools, Trusts and Colleges have been bombarded with stories about the requirements and risks of failing to comply with GDPR. The mass of information around the internet can seem daunting even overwhelming, but we are here to help you on your journey to compliance. Any schools in state sector, including local authority nursery […]
Why Schools Should Do Their Homework Too
A point of viewWith so much confusion and little understanding around GDPR, we were always expecting some interesting headlines. This week, The BBC reported how a local authority in Sweden incurred a large fine, after trialling facial recognition on students to keep track of attendance. The Swedish Data Protection Authority (DPA) fined Skelleftea Municipality 200,000 Swedish Krona (£16,800) […]
New Term, New Data, New Risks?
A point of viewOur survey said……
A point of viewIt’s now less than four months until enforcement of the GDPR begins. You’d imagine that every now knows about the regulation even if they’re not totally clear about the impact. On Tuesday of this week (24th January), the Department for Digital, Culture, Media and Sport released some preliminary results from Cyber Security Breaches Survey. With […]
Here comes the Data Protection Bill
A point of viewOn Wednesday 17th January, the Data Protection Bill completed its journey through the House of Lords and headed back to the Commons. This means it’s heading toward the last stages before it becomes law. Over the last few weeks I’ve been asked several times what the difference is between the Bill and the GDPR, also […]
Happy New Year
A point of viewHappy New Year! Welcome in the GDPR You know what it’s like, the New Year celebrations are done and its back the realities of work. Part of that reality for 2018 is the enforcement of the GDPR that starts on the 25th May. You’re probably familiar with the basics, but just in case here is […]
GDPR Envy: Data protection across the pond
A point of viewAmong all the questions about the impact of the GDPR, it’s interesting to see another perspective on concerns about personal data. This comes from consumers in the USA, a country with some mixed attitudes toward privacy in general. From a survey conducted in September 2017, PWC have produced a report for their Consumer Intelligence Series […]
With the GDPR the Devil is in the details
A point of viewMention the UK and the EU right now you’ll almost certainly hear about Brexit. Organisations pondering life outside of the EU may be forgiven for not being totally up to date with the details of the GDPR. Take a journey back in time with me to 1963. Britain was trying to get into the six […]
Should you have a DPO?
A point of viewThe DPO, or Data Protection Officer, is a role that has been discussed at length as the GDPR has moved from concept to reality. The DPO is responsible for: Informing the organisation on its GDPR obligations Monitoring that compliance Being the first point of contact for employees and supervisory authorities Training Staff Conducting audits and […]
Is anyone going to focus on schools?
A point of viewThis is a question that many people are asking. With high profile breaches making the news, will the ICO care about schools? Let’s just return the statistics about breaches. In 2017/18, around 3,300 breaches were serious enough to have to be reported to the ICO. Of these more than 350 came from Education and Childcare. […]