The requirement listed is reasonably clear “Your organisation should have communicated policies, procedures and guidance to all staff that set out when it is appropriate for them to share or disclose data.”
We know that schools are asked to share data on a regular basis for areas like healthcare, educational and pastoral support and for students to have the opportunity for enrichment activities. This compliance requirement means that you need to have a policy document that allows staff to know when information can be shared.
Other measures then require that, for example, you have a named person taking responsibility for data sharing, that staff are trained, that you record sharing arrangements. Each measure is accompanied by descriptions of the requirement. Your data protection officer will be able to provide more advice on the requirements.
The notes and files section allows you to record information about how you’ve complied with the task. In this case you could upload a copy of your Data Sharing Policy.
The other parts of the Sentry system will allow you to comply with other requirements. For example. each data sharing partner should be recorded in the Suppliers section of the system. The activities for which the data is shared will be recorded in the process mapping section.