• GDPR News

News & views on all things GDPR

Last week, a news article popped up. “UK to overhaul privacy rules”. Naturally, it piqued some interest. The UK debated revoking the GDPR before they finished implementing it. By the time the GDPR came into effect in 2018, several years had passed since the UK announced its intention to leave the EU. However, we have […]

It seems we are slowly marching towards “freedom day”, when the Prime Minister announces the removal of the restrictions that have covered almost every aspect of our day-to-day. However, Covid cases are on the rise again. With numbers as high as they were in Autumn 2020, We are all hoping the link between rising case […]

For today’s post, we’re taking a quick dive into the murky depths of Subject Access Requests. Imagine this scenario. One of your students, staff members, or anyone you might have information about is standing at the front desk, and they’re asking for all of their data. What do you do? What happens next? For many […]

Here’s a good news story to kick off the new month…   The GDPR has provided a whole new framework for data protection, a framework that is centred around an individual’s right to privacy rather than an organisation’s desire for data. Your rights are now stronger and clearer, and organisations must safeguard data and be […]

  In schools, responsibility surrounding children’s mental health and wellbeing is clearly documented. Legislation such as the 1989 Children’s Act, and guidance such as “Keeping Children Safe in Education,” set out responsibilities of staff and governors. Furthermore, it is made abundantly clear that data protection concerns should not prevent action from being taken to support […]

  We’ve reached a new checkpoint in Boris’s Covid roadmap. Yesterday, non-essential shops reopened, and many flocked to their local pub to enjoy a pint outside. For many, yesterday also marked their first day back in the office. While teaching staff have been back for a few weeks now, for others the full time return to the […]

  When you purchase a product or use a service, at some point you will probably receive a feedback form. It’s almost an inevitability. It might be a form that arrives on email, or an irritating pop-up in an app. Recently, if you use a smart speaker you may get a notification which proceeds to […]

Last week, a global hacking campaign targeted Microsoft Exchange servers, and compromised hundreds of UK companies. It was estimated that more than 500 email servers in the UK were hacked, alongside many more across the world. Attackers used newly discovered vulnerabilities in the software to gain access to data, or to install ransomware. Ransomware can […]

Last Month, The U.K. Commissioner for Public Appointments posted an advertisement for a new Information Commissioner. Current Commissioner Elizabeth Denham announced previously that she was leaving her post in October, having overseen the UK’s transition to new data protection laws.   Whoever is hired will be stepping into quite a sizable pair of shoes. Data protection complaints doubled in 2018/19, from around 21,000 to […]

Image of DNA model, with vertical code in green text in the background.

In the second instalment of our Emerging Tech series, we look at the development of commercial genetic testing, and the data protection implications of widespread genetic screening.     “Customers who are genetically similar to you consume 60mg more caffeine a day than average.”  “You are not likely to be a sprinter/power athlete”  “Customers like you […]

WhatsApp have spent the last month putting out self-inflicted fires. After a disastrous announcement of changes to their terms of service, the company have been scrambling to convince users to stick with the app. However, even with delayed implementation of the new terms of services, and hundreds of reassurances, their PR nightmare has prompted many […]

Image of face breaking into cubes, representing AI and Machine Learning

Anyone involved in last year’s exam grade saga probably harbours a level of resentment against algorithms.  The government formula was designed to standardise grades across the country. Instead, it affected students disproportionately, raising grades for students in smaller classes and more affluent areas. Conversely, students in poorer performing schools had their grades reduced, based on past grades from previous […]

Today is Data Protection Day. It’s not on the front page of the papers, but you might see a little notification on the bottom of the Google Homepage. In 2007, the Council of Europe designated January 28th Data Protection Day (or Data Privacy Day in other parts of the world), to highlight the importance of […]

It has now been over a year since Chinese authorities reported the first case of Covid-19 to the World Health Organisation. This year has brought tragedy for the many people who have lost loved ones. It’s also brought difficulties for all, with restrictions on our daily life that haven’t been seen since the 1940s. Mental […]

It has been a year of chaos. The Oxford English Dictionary usually nominate one word as ‘Word of the Year’. This year, there has been so much change that they couldn’t narrow it down to just one. “Covid-19, Lockdown, Anti-Maskers, Unmute” Not to forget “Bushfire” when millions of acres of Australian bushland burnt at the […]

The EU-US Privacy shield, a framework designed by the U.S. Department of Commerce, and the European commission, has been struck down by the European Court of Justice (ECJ). The framework, approved by the EU in 2016, has been at the centre of several international discussions for the last few years. The program allowed companies to […]

With more than 3,000 cases of the new coronavirus confirmed, Italy has announced that it will be shutting all schools for 10 days, to slow the spread of the disease. With cases beginning to increase in the UK, the possibility of similar action being taken here is also increasing. Most students, teachers and lecturers are […]

Last week, the University of East Anglia (UEA) paid out over £140,000 compensation to students affected by a 2017 data breach. An email containing information on personal issues, health problems and circumstances such as bereavement, was mistakenly sent to 300 UEA students. The email contained sensitive personal data of over 190 people. UEA reported that […]

Last week’s post briefly touched on how technological advances are providing new data protection challenges. Earlier this month, the 2020 Consumer Electronics Show (CES) showed the world the new smart devices we can expect to see filtering through the markets soon. There were many companion robots on show. For instance, Bellabot (a robot cat waiter […]

We don’t usually comment on cybersecurity stories but the breaking news of the issues at Travelex (as reported by the BBC) made me think about the potential loss of access to critical information in an educational setting.  From the information available ransomware has been placed in the Travelex system, forcing the company to shut down its’ online […]

The UK government has not had a fantastic start to the year. The New Year’s honours list, a list of individuals receiving awards on New Year’s Day, was mistakenly posted with personal contact details of over a thousand people. While the document was only available for around an hour, many notable—and often controversial—figures had their […]

Santa Claus reading a list on a scroll. The background is grey with snowflakes.

The time has come. Tinsel is up, chestnuts are roasting, and Santa is preparing his “Naughty or Nice list”. However, in this time of tradition, should we be thinking of the new data protection laws? Is St Nick in breach of the GDPR? Well, he might be. Having a list of all the boys and […]

A report published last week by career focused social network LinkedIn, identified the “Emerging Jobs” of 2020 in the UK. The report, which can be found here, looks at the roles that are experiencing significant growth. At number one is “Artificial Intelligence Specialist”, confirming that this field is expanding out of the academic realm and […]

While the Christmas holidays are tantalisingly close, many schools are struggling with the norovirus outbreak that is sweeping across the country. It got us thinking about the way that winter can leave us feeling washed out, both physically and mentally and how that could have an impact on more than just the mood at work. […]

When you talk about data protection all day, every day, it’s easy to assume that everyone else does the same. Some of the terms and names used when referring to the new GDPR are not as clearly defined as they could be. So, this week we are looking at the role of a ‘data processor’ […]

Careless Talk Causes Breaches

…(and can be costly too!)   GDPR is not normally associated with parties, but recently I heard the end of a conversation about an office Christmas party and it set me thinking about the impact that a misplaced sentence can have. Friendships and working relationships can be badly damaged, in some cases, irreparable. If I […]

Being as clear as mud when it comes to Data Protection A key principle of data protection is transparency. You must be upfront about what you plan to do with personal data. A failure to be transparent has recently brought the Department for Education into the Information Commissioner’s Office’s sights. Information from the annual census […]

Are you facing the same GDPR problems as most? We asked a number of both Data Protection Officers and GDPR Leads in Education what the most common GDPR problems they come across are, interestingly, most of the answers were the same, so we thought we would put together a list of GDPR problems and some […]

Wednesday 23rd October 2019 Following on from our latest update last week, ‘How Brexit will affect GDPR’, as always with Brexit, there is another twist in the tail. In the increasing febrile corridors of Westminster, the latest set of proposals for an orderly Brexit offer a crumb of comfort from the perspective of data protection […]

With the ‘Harry2’ story recently hitting the headlines, we ask, how far do Schools really need to take data protection? Newhey Community Primary School have branded Harry Szlatoszlavek with a number 2 as his surname, so they can differentiate between him and another boy with the same first name. The Rochdale based Primary School says […]

Brexit GDPR

Among the political turmoil as we approach the deadline of the 31st October for leaving the European Union, data protection is now being mentioned. Some schools have received guidance about actions that may need to be taken. The essentials of the situation are these. Despite us having gone to considerable effort to implement GDPR and […]

Documenting Data Breaches Why paper and spreadsheets may not be enough… A Breach Scenario You’ve experienced a breach where information was sent to the wrong person. During the investigation it became clear that the person whose data was breached was aware of it happening. You took the actions that seemed appropriate and decided that it […]

data breaches

Data Breaches Happen How will you deal with one?   Breaches come in many shapes, sizes, and severities. It’s critical to recognise that an integrity breach with a single inaccurate word can be as serious as a classic confidentiality breach. Part of your training for all staff needs to be about recognising when a data […]

Summer Updates! With our brand, we didn’t want to completely change the GDPR Sentry our customers know and love, so we made some minor improvements instead, and wanted to share them with you! Can you spot any new features on our website? As well as website changes, our technical team have also been busy making […]


Since 2017, Schools, Trusts and Colleges have been bombarded with stories about the requirements and risks of failing to comply with GDPR. The mass of information around the internet can seem daunting even overwhelming, but we are here to help you on your journey to compliance. Any schools in state sector, including local authority nursery […]

With so much confusion and little understanding around GDPR, we were always expecting some interesting headlines. This week, The BBC reported how a local authority in Sweden incurred a large fine, after trialling facial recognition on students to keep track of attendance. The Swedish Data Protection Authority (DPA) fined Skelleftea Municipality  200,000 Swedish Krona (£16,800) […]

Back to school
Sentry matches the requirements of the ICO

It’s now less than four months until enforcement of the GDPR begins. You’d imagine that every now knows about the regulation even if they’re not totally clear about the impact. On Tuesday of this week (24th January), the Department for Digital, Culture, Media and Sport released some preliminary results from Cyber Security Breaches Survey. With […]

On Wednesday 17th January, the Data Protection Bill completed its journey through the House of Lords and headed back to the Commons. This means it’s heading toward the last stages before it becomes law. Over the last few weeks I’ve been asked several times what the difference is between the Bill and the GDPR, also […]

Happy New Year! Welcome in the GDPR You know what it’s like, the New Year celebrations are done and its back the realities of work. Part of that reality for 2018 is the enforcement of the GDPR that starts on the 25th May. You’re probably familiar with the basics, but just in case here is […]

Get the training you need with GDPR Sentry services

Among all the questions about the impact of the GDPR, it’s interesting to see another perspective on concerns about personal data. This comes from consumers in the USA, a country with some mixed attitudes toward privacy in general. From a survey conducted in September 2017, PWC have produced a report for their Consumer Intelligence Series […]

Mention the UK and the EU right now you’ll almost certainly hear about Brexit.  Organisations pondering life outside of the EU may be forgiven for not being totally up to date with the details of the GDPR. Take a journey back in time with me to 1963. Britain was trying to get into the six […]

GDPR Sentry can help you fill the knowledge gap

The DPO, or Data Protection Officer, is a role that has been discussed at length as the GDPR has moved from concept to reality. The DPO is responsible for: Informing the organisation on its GDPR obligations Monitoring that compliance Being the first point of contact for employees and supervisory authorities Training Staff Conducting audits and […]

Get GDPR News Straight To Your Inbox!