Last week, a news article popped up. “UK to overhaul privacy rules”. Naturally, it piqued some interest. The UK debated revoking the GDPR before they finished implementing it. By the time the GDPR came into effect in 2018, several years had passed since the UK announced its intention to leave the EU. However, we have […]
It seems we are slowly marching towards “freedom day”, when the Prime Minister announces the removal of the restrictions that have covered almost every aspect of our day-to-day. However, Covid cases are on the rise again. With numbers as high as they were in Autumn 2020, We are all hoping the link between rising case […]
https://gdprsentry.com/wp-content/uploads/2021/07/vaccine-pass.jpeg533800Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-07-06 09:52:002021-07-06 09:52:00Can I Ask My Employee if They're Vaccinated?
For today’s post, we’re taking a quick dive into the murky depths of Subject Access Requests. Imagine this scenario. One of your students, staff members, or anyone you might have information about is standing at the front desk, and they’re asking for all of their data. What do you do? What happens next? For many […]
Here’s a good news story to kick off the new month… The GDPR has provided a whole new framework for data protection, a framework that is centred around an individual’s right to privacy rather than an organisation’s desire for data. Your rights are now stronger and clearer, and organisations must safeguard data and be […]
In schools, responsibility surrounding children’s mental health and wellbeing is clearly documented. Legislation such as the 1989 Children’s Act, and guidance such as “Keeping Children Safe in Education,” set out responsibilities of staff and governors. Furthermore, it is made abundantly clear that data protection concerns should not prevent action from being taken to support […]
We’ve reached a new checkpoint in Boris’s Covid roadmap. Yesterday, non-essential shops reopened, and many flocked to their local pub to enjoy a pint outside. For many, yesterday also marked their first day back in the office. While teaching staff have been back for a few weeks now, for others the full time return to the […]
https://gdprsentry.com/wp-content/uploads/2021/04/returning-to-the-office-.jpeg533800Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-04-13 15:24:482021-04-13 15:38:37Returning to the Office (and the Pub!)
When you purchase a product or use a service, at some point you will probably receive a feedback form. It’s almost an inevitability. It might be a form that arrives on email, or an irritating pop-up in an app. Recently, if you use a smart speaker you may get a notification which proceeds to […]
Last week, a global hacking campaign targeted Microsoft Exchange servers, and compromised hundreds of UK companies. It was estimated that more than 500 email servers in the UK were hacked, alongside many more across the world. Attackers used newly discovered vulnerabilities in the software to gain access to data, or to install ransomware. Ransomware can […]
https://gdprsentry.com/wp-content/uploads/2021/03/AdobeStock_248178018.jpeg534800Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-03-16 16:27:012021-03-16 16:27:54It's been 'Zero-Days' Since The Last Incident
Last Month, The U.K. Commissioner for Public Appointments posted an advertisement for a new Information Commissioner. Current Commissioner Elizabeth Denham announced previously that she was leaving her post in October, having overseen the UK’s transition to new data protection laws. Whoever is hired will be stepping into quite a sizable pair of shoes. Data protection complaints doubled in 2018/19, from around 21,000 to […]
https://gdprsentry.com/wp-content/uploads/2021/03/resize-2-e1615375973553.jpeg532794Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-03-10 11:52:022021-03-10 11:52:02Who Wants to be an Information Commissioner?
In the second instalment of our Emerging Tech series, we look at the development of commercial genetic testing, and the data protection implications of widespread genetic screening. “Customers who are genetically similar to you consume 60mg more caffeine a day than average.” “You are not likely to be a sprinter/power athlete” “Customers like you […]
WhatsApp have spent the last month putting out self-inflicted fires. After a disastrous announcement of changes to their terms of service, the company have been scrambling to convince users to stick with the app. However, even with delayed implementation of the new terms of services, and hundreds of reassurances, their PR nightmare has prompted many […]
https://gdprsentry.com/wp-content/uploads/2021/02/AdobeStock_232438359.jpeg13342000Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-02-18 12:52:422021-02-18 12:52:42What's the Deal With WhatsApp?
Anyone involved in last year’s exam grade saga probably harbours a level of resentment against algorithms. The government formula was designed to standardise grades across the country. Instead, it affected students disproportionately, raising grades for students in smaller classes and more affluent areas. Conversely, students in poorer performing schools had their grades reduced, based on past grades from previous […]
https://gdprsentry.com/wp-content/uploads/2021/02/AI-Featured-Image.jpeg9001800Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2021-02-08 15:45:482021-02-08 15:47:45Bringing Up Baby: Raising Biased AI
Today is Data Protection Day. It’s not on the front page of the papers, but you might see a little notification on the bottom of the Google Homepage. In 2007, the Council of Europe designated January 28th Data Protection Day (or Data Privacy Day in other parts of the world), to highlight the importance of […]
It has now been over a year since Chinese authorities reported the first case of Covid-19 to the World Health Organisation. This year has brought tragedy for the many people who have lost loved ones. It’s also brought difficulties for all, with restrictions on our daily life that haven’t been seen since the 1940s. Mental […]
It has been a year of chaos. The Oxford English Dictionary usually nominate one word as ‘Word of the Year’. This year, there has been so much change that they couldn’t narrow it down to just one. “Covid-19, Lockdown, Anti-Maskers, Unmute” Not to forget “Bushfire” when millions of acres of Australian bushland burnt at the […]
https://gdprsentry.com/wp-content/uploads/2020/11/AdobeStock_184447050-e1606325572893.jpeg12372449Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2020-11-25 17:37:112020-11-25 17:37:11Christmas Cards Come but Once a Year
The EU-US Privacy shield, a framework designed by the U.S. Department of Commerce, and the European commission, has been struck down by the European Court of Justice (ECJ). The framework, approved by the EU in 2016, has been at the centre of several international discussions for the last few years. The program allowed companies to […]
https://gdprsentry.com/wp-content/uploads/2020/07/EUUS-scaled.jpg9882560Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2020-07-16 17:54:392020-07-16 17:54:39The Rise and Fall of the Privacy Shield
With more than 3,000 cases of the new coronavirus confirmed, Italy has announced that it will be shutting all schools for 10 days, to slow the spread of the disease. With cases beginning to increase in the UK, the possibility of similar action being taken here is also increasing. Most students, teachers and lecturers are […]
https://gdprsentry.com/wp-content/uploads/2020/03/AdobeStock_56947997-scaled.jpeg17072560Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2020-03-05 14:41:282020-03-24 11:27:24Personal Data in the time of Covid-19
Last week, the University of East Anglia (UEA) paid out over £140,000 compensation to students affected by a 2017 data breach. An email containing information on personal issues, health problems and circumstances such as bereavement, was mistakenly sent to 300 UEA students. The email contained sensitive personal data of over 190 people. UEA reported that […]
Last week’s post briefly touched on how technological advances are providing new data protection challenges. Earlier this month, the 2020 Consumer Electronics Show (CES) showed the world the new smart devices we can expect to see filtering through the markets soon. There were many companion robots on show. For instance, Bellabot (a robot cat waiter […]
https://gdprsentry.com/wp-content/uploads/2020/01/blog2201.jpg600900Emily Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngEmily Parrett2020-01-22 13:57:152020-01-22 13:57:15Do Students Dream of Electric Teachers?
We don’t usually comment on cybersecurity stories but the breaking news of the issues at Travelex (as reported by the BBC) made me think about the potential loss of access to critical information in an educational setting. From the information available ransomware has been placed in the Travelex system, forcing the company to shut down its’ online […]
https://gdprsentry.com/wp-content/uploads/2020/01/AdobeStock_164071544-scaled.jpeg17002560Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2020-01-09 17:17:442020-01-09 17:18:09Your Organisation and the Prisoner of Ransomware
The UK government has not had a fantastic start to the year. The New Year’s honours list, a list of individuals receiving awards on New Year’s Day, was mistakenly posted with personal contact details of over a thousand people. While the document was only available for around an hour, many notable—and often controversial—figures had their […]
The time has come. Tinsel is up, chestnuts are roasting, and Santa is preparing his “Naughty or Nice list”. However, in this time of tradition, should we be thinking of the new data protection laws? Is St Nick in breach of the GDPR? Well, he might be. Having a list of all the boys and […]
A report published last week by career focused social network LinkedIn, identified the “Emerging Jobs” of 2020 in the UK. The report, which can be found here, looks at the roles that are experiencing significant growth. At number one is “Artificial Intelligence Specialist”, confirming that this field is expanding out of the academic realm and […]
https://gdprsentry.com/wp-content/uploads/2019/12/AI-blog.jpg600800Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2019-12-19 12:39:572019-12-19 13:01:47AI in Education: A Brave New World?
While the Christmas holidays are tantalisingly close, many schools are struggling with the norovirus outbreak that is sweeping across the country. It got us thinking about the way that winter can leave us feeling washed out, both physically and mentally and how that could have an impact on more than just the mood at work. […]
https://gdprsentry.com/wp-content/uploads/2019/12/AdobeStock_298458822-scaled.jpeg17062560Kelly Worrallhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngKelly Worrall2019-12-10 14:08:082019-12-10 14:42:05How to avoid the winter blues…
When you talk about data protection all day, every day, it’s easy to assume that everyone else does the same. Some of the terms and names used when referring to the new GDPR are not as clearly defined as they could be. So, this week we are looking at the role of a ‘data processor’ […]
…(and can be costly too!) GDPR is not normally associated with parties, but recently I heard the end of a conversation about an office Christmas party and it set me thinking about the impact that a misplaced sentence can have. Friendships and working relationships can be badly damaged, in some cases, irreparable. If I […]
Being as clear as mud when it comes to Data Protection A key principle of data protection is transparency. You must be upfront about what you plan to do with personal data. A failure to be transparent has recently brought the Department for Education into the Information Commissioner’s Office’s sights. Information from the annual census […]
https://gdprsentry.com/wp-content/uploads/2019/11/Transparency-in-Data-Protection.jpeg11511736Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2019-11-15 10:26:452019-11-29 14:31:24How the Department for Education ran into trouble with the ICO
Are you facing the same GDPR problems as most? We asked a number of both Data Protection Officers and GDPR Leads in Education what the most common GDPR problems they come across are, interestingly, most of the answers were the same, so we thought we would put together a list of GDPR problems and some […]
https://gdprsentry.com/wp-content/uploads/2019/10/Common-GDPR-Problems.jpeg11551730Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2019-10-29 20:56:042019-11-15 11:48:04GDPR Problems Most People Are Facing
Wednesday 23rd October 2019 Following on from our latest update last week, ‘How Brexit will affect GDPR’, as always with Brexit, there is another twist in the tail. In the increasing febrile corridors of Westminster, the latest set of proposals for an orderly Brexit offer a crumb of comfort from the perspective of data protection […]
https://gdprsentry.com/wp-content/uploads/2019/10/Brexit-GDPR-Copy-e1571672021789.jpg200200Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2019-10-21 16:31:152019-11-29 14:31:36The latest position of Brexit and GDPR…
With the ‘Harry2’ story recently hitting the headlines, we ask, how far do Schools really need to take data protection? Newhey Community Primary School have branded Harry Szlatoszlavek with a number 2 as his surname, so they can differentiate between him and another boy with the same first name. The Rochdale based Primary School says […]
https://gdprsentry.com/wp-content/uploads/2019/10/AdobeStock_129930801.jpeg41806271Kelly Worrallhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngKelly Worrall2019-10-14 11:02:072019-10-14 15:25:50Schoolboy branded ‘Harry2’ to comply with Data Protection
Among the political turmoil as we approach the deadline of the 31st October for leaving the European Union, data protection is now being mentioned. Some schools have received guidance about actions that may need to be taken. The essentials of the situation are these. Despite us having gone to considerable effort to implement GDPR and […]
https://gdprsentry.com/wp-content/uploads/2019/10/Brexit-GDPR.jpg7201280Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2019-10-07 14:23:332019-11-29 14:32:04Deal or No Deal; How Will Brexit Affect GDPR?
Documenting Data Breaches Why paper and spreadsheets may not be enough… A Breach Scenario You’ve experienced a breach where information was sent to the wrong person. During the investigation it became clear that the person whose data was breached was aware of it happening. You took the actions that seemed appropriate and decided that it […]
Data Breaches Happen How will you deal with one? Breaches come in many shapes, sizes, and severities. It’s critical to recognise that an integrity breach with a single inaccurate word can be as serious as a classic confidentiality breach. Part of your training for all staff needs to be about recognising when a data […]
Summer Updates! With our brand, we didn’t want to completely change the GDPR Sentry our customers know and love, so we made some minor improvements instead, and wanted to share them with you! Can you spot any new features on our website? As well as website changes, our technical team have also been busy making […]
Since 2017, Schools, Trusts and Colleges have been bombarded with stories about the requirements and risks of failing to comply with GDPR. The mass of information around the internet can seem daunting even overwhelming, but we are here to help you on your journey to compliance. Any schools in state sector, including local authority nursery […]
https://gdprsentry.com/wp-content/uploads/2018/10/too-much.png615700Kelly Worrallhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngKelly Worrall2019-08-29 13:43:572019-10-04 12:01:34Appointed DPO? But How much do you really know?
With so much confusion and little understanding around GDPR, we were always expecting some interesting headlines. This week, The BBC reported how a local authority in Sweden incurred a large fine, after trialling facial recognition on students to keep track of attendance. The Swedish Data Protection Authority (DPA) fined Skelleftea Municipality 200,000 Swedish Krona (£16,800) […]
https://gdprsentry.com/wp-content/uploads/2019/08/108517603_facial-recognition-kids.png361642Kelly Worrallhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngKelly Worrall2019-08-29 13:43:302019-10-07 09:01:58Why Schools Should Do Their Homework Too
https://gdprsentry.com/wp-content/uploads/2019/08/Back-to-school-1.jpg36485472Kelly Worrallhttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngKelly Worrall2019-08-29 13:42:452019-10-04 12:01:59New Term, New Data, New Risks?
It’s now less than four months until enforcement of the GDPR begins. You’d imagine that every now knows about the regulation even if they’re not totally clear about the impact. On Tuesday of this week (24th January), the Department for Digital, Culture, Media and Sport released some preliminary results from Cyber Security Breaches Survey. With […]
On Wednesday 17th January, the Data Protection Bill completed its journey through the House of Lords and headed back to the Commons. This means it’s heading toward the last stages before it becomes law. Over the last few weeks I’ve been asked several times what the difference is between the Bill and the GDPR, also […]
https://gdprsentry.com/wp-content/uploads/2019/08/gdpr-flag.jpg13571920Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2018-01-19 10:56:312019-08-29 11:11:03Here comes the Data Protection Bill
Happy New Year! Welcome in the GDPR You know what it’s like, the New Year celebrations are done and its back the realities of work. Part of that reality for 2018 is the enforcement of the GDPR that starts on the 25th May. You’re probably familiar with the basics, but just in case here is […]
https://gdprsentry.com/wp-content/uploads/2018/01/2019-new.jpg378806Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2018-01-04 15:34:102019-10-04 14:15:00Happy New Year
Among all the questions about the impact of the GDPR, it’s interesting to see another perspective on concerns about personal data. This comes from consumers in the USA, a country with some mixed attitudes toward privacy in general. From a survey conducted in September 2017, PWC have produced a report for their Consumer Intelligence Series […]
https://gdprsentry.com/wp-content/uploads/2017/12/meeting_square.jpg400400Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2017-12-19 14:59:262017-12-19 15:43:56GDPR Envy: Data protection across the pond
Mention the UK and the EU right now you’ll almost certainly hear about Brexit. Organisations pondering life outside of the EU may be forgiven for not being totally up to date with the details of the GDPR. Take a journey back in time with me to 1963. Britain was trying to get into the six […]
https://gdprsentry.com/wp-content/uploads/2017/12/details.jpg400400Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2017-12-18 10:51:252018-01-04 16:01:11With the GDPR the Devil is in the details
The DPO, or Data Protection Officer, is a role that has been discussed at length as the GDPR has moved from concept to reality. The DPO is responsible for: Informing the organisation on its GDPR obligations Monitoring that compliance Being the first point of contact for employees and supervisory authorities Training Staff Conducting audits and […]
https://gdprsentry.com/wp-content/uploads/2018/10/wheretostart.jpg500500Ian Parretthttps://gdprsentry.com/wp-content/uploads/2021/07/Default-Logo-340-300x253.pngIan Parrett2017-12-15 11:39:202019-10-04 12:02:32Should you have a DPO?
Privacy Rules: Rumoured Renovations
A point of viewLast week, a news article popped up. “UK to overhaul privacy rules”. Naturally, it piqued some interest. The UK debated revoking the GDPR before they finished implementing it. By the time the GDPR came into effect in 2018, several years had passed since the UK announced its intention to leave the EU. However, we have […]
Can I Ask My Employee if They’re Vaccinated?
A point of viewIt seems we are slowly marching towards “freedom day”, when the Prime Minister announces the removal of the restrictions that have covered almost every aspect of our day-to-day. However, Covid cases are on the rise again. With numbers as high as they were in Autumn 2020, We are all hoping the link between rising case […]
Demystifying SARs: Handling a Subject Access Request
A point of viewFor today’s post, we’re taking a quick dive into the murky depths of Subject Access Requests. Imagine this scenario. One of your students, staff members, or anyone you might have information about is standing at the front desk, and they’re asking for all of their data. What do you do? What happens next? For many […]
GDPR and Climate Change: An Unexpected Benefit
A point of viewHere’s a good news story to kick off the new month… The GDPR has provided a whole new framework for data protection, a framework that is centred around an individual’s right to privacy rather than an organisation’s desire for data. Your rights are now stronger and clearer, and organisations must safeguard data and be […]
Managing Mental Health Concerns in Higher Education
A point of viewIn schools, responsibility surrounding children’s mental health and wellbeing is clearly documented. Legislation such as the 1989 Children’s Act, and guidance such as “Keeping Children Safe in Education,” set out responsibilities of staff and governors. Furthermore, it is made abundantly clear that data protection concerns should not prevent action from being taken to support […]
Returning to the Office (and the Pub!)
A point of viewWe’ve reached a new checkpoint in Boris’s Covid roadmap. Yesterday, non-essential shops reopened, and many flocked to their local pub to enjoy a pint outside. For many, yesterday also marked their first day back in the office. While teaching staff have been back for a few weeks now, for others the full time return to the […]
Understanding Anonymisation
A point of viewWhen you purchase a product or use a service, at some point you will probably receive a feedback form. It’s almost an inevitability. It might be a form that arrives on email, or an irritating pop-up in an app. Recently, if you use a smart speaker you may get a notification which proceeds to […]
It’s been ‘Zero-Days’ Since The Last Incident
A point of viewLast week, a global hacking campaign targeted Microsoft Exchange servers, and compromised hundreds of UK companies. It was estimated that more than 500 email servers in the UK were hacked, alongside many more across the world. Attackers used newly discovered vulnerabilities in the software to gain access to data, or to install ransomware. Ransomware can […]
Who Wants to be an Information Commissioner?
A point of viewLast Month, The U.K. Commissioner for Public Appointments posted an advertisement for a new Information Commissioner. Current Commissioner Elizabeth Denham announced previously that she was leaving her post in October, having overseen the UK’s transition to new data protection laws. Whoever is hired will be stepping into quite a sizable pair of shoes. Data protection complaints doubled in 2018/19, from around 21,000 to […]
GDPR and Genetic Testing
A point of view, Emerging Tech and Data Protection, SeriesIn the second instalment of our Emerging Tech series, we look at the development of commercial genetic testing, and the data protection implications of widespread genetic screening. “Customers who are genetically similar to you consume 60mg more caffeine a day than average.” “You are not likely to be a sprinter/power athlete” “Customers like you […]
What’s the Deal With WhatsApp?
A point of viewWhatsApp have spent the last month putting out self-inflicted fires. After a disastrous announcement of changes to their terms of service, the company have been scrambling to convince users to stick with the app. However, even with delayed implementation of the new terms of services, and hundreds of reassurances, their PR nightmare has prompted many […]
Bringing Up Baby: Raising Biased AI
A point of view, Emerging Tech and Data Protection, SeriesAnyone involved in last year’s exam grade saga probably harbours a level of resentment against algorithms. The government formula was designed to standardise grades across the country. Instead, it affected students disproportionately, raising grades for students in smaller classes and more affluent areas. Conversely, students in poorer performing schools had their grades reduced, based on past grades from previous […]
Data Protection Day: Staying Alert
A point of viewToday is Data Protection Day. It’s not on the front page of the papers, but you might see a little notification on the bottom of the Google Homepage. In 2007, the Council of Europe designated January 28th Data Protection Day (or Data Privacy Day in other parts of the world), to highlight the importance of […]
School, Interrupted: Data Protection and Mental Wellbeing
A point of viewIt has now been over a year since Chinese authorities reported the first case of Covid-19 to the World Health Organisation. This year has brought tragedy for the many people who have lost loved ones. It’s also brought difficulties for all, with restrictions on our daily life that haven’t been seen since the 1940s. Mental […]
Christmas Cards Come but Once a Year
A point of viewIt has been a year of chaos. The Oxford English Dictionary usually nominate one word as ‘Word of the Year’. This year, there has been so much change that they couldn’t narrow it down to just one. “Covid-19, Lockdown, Anti-Maskers, Unmute” Not to forget “Bushfire” when millions of acres of Australian bushland burnt at the […]
The Rise and Fall of the Privacy Shield
A point of viewThe EU-US Privacy shield, a framework designed by the U.S. Department of Commerce, and the European commission, has been struck down by the European Court of Justice (ECJ). The framework, approved by the EU in 2016, has been at the centre of several international discussions for the last few years. The program allowed companies to […]
Personal Data in the time of Covid-19
A point of viewWith more than 3,000 cases of the new coronavirus confirmed, Italy has announced that it will be shutting all schools for 10 days, to slow the spread of the disease. With cases beginning to increase in the UK, the possibility of similar action being taken here is also increasing. Most students, teachers and lecturers are […]
The Misfortunes of Misdirected Emails
A point of viewLast week, the University of East Anglia (UEA) paid out over £140,000 compensation to students affected by a 2017 data breach. An email containing information on personal issues, health problems and circumstances such as bereavement, was mistakenly sent to 300 UEA students. The email contained sensitive personal data of over 190 people. UEA reported that […]
Do Students Dream of Electric Teachers?
A point of viewLast week’s post briefly touched on how technological advances are providing new data protection challenges. Earlier this month, the 2020 Consumer Electronics Show (CES) showed the world the new smart devices we can expect to see filtering through the markets soon. There were many companion robots on show. For instance, Bellabot (a robot cat waiter […]
Your Organisation and the Prisoner of Ransomware
A point of viewWe don’t usually comment on cybersecurity stories but the breaking news of the issues at Travelex (as reported by the BBC) made me think about the potential loss of access to critical information in an educational setting. From the information available ransomware has been placed in the Travelex system, forcing the company to shut down its’ online […]
GDPR New Year’s Resolutions
A point of viewThe UK government has not had a fantastic start to the year. The New Year’s honours list, a list of individuals receiving awards on New Year’s Day, was mistakenly posted with personal contact details of over a thousand people. While the document was only available for around an hour, many notable—and often controversial—figures had their […]
Has GDPR Stolen Christmas?
A point of viewThe time has come. Tinsel is up, chestnuts are roasting, and Santa is preparing his “Naughty or Nice list”. However, in this time of tradition, should we be thinking of the new data protection laws? Is St Nick in breach of the GDPR? Well, he might be. Having a list of all the boys and […]
AI in Education: A Brave New World?
A point of viewA report published last week by career focused social network LinkedIn, identified the “Emerging Jobs” of 2020 in the UK. The report, which can be found here, looks at the roles that are experiencing significant growth. At number one is “Artificial Intelligence Specialist”, confirming that this field is expanding out of the academic realm and […]
How to avoid the winter blues…
A point of viewWhile the Christmas holidays are tantalisingly close, many schools are struggling with the norovirus outbreak that is sweeping across the country. It got us thinking about the way that winter can leave us feeling washed out, both physically and mentally and how that could have an impact on more than just the mood at work. […]
Data Controllers and Data Processors; Who’s who?
A point of viewWhen you talk about data protection all day, every day, it’s easy to assume that everyone else does the same. Some of the terms and names used when referring to the new GDPR are not as clearly defined as they could be. So, this week we are looking at the role of a ‘data processor’ […]
Careless Talk Causes Breaches
A point of view…(and can be costly too!) GDPR is not normally associated with parties, but recently I heard the end of a conversation about an office Christmas party and it set me thinking about the impact that a misplaced sentence can have. Friendships and working relationships can be badly damaged, in some cases, irreparable. If I […]
How the Department for Education ran into trouble with the ICO
A point of viewBeing as clear as mud when it comes to Data Protection A key principle of data protection is transparency. You must be upfront about what you plan to do with personal data. A failure to be transparent has recently brought the Department for Education into the Information Commissioner’s Office’s sights. Information from the annual census […]
GDPR Problems Most People Are Facing
A point of viewAre you facing the same GDPR problems as most? We asked a number of both Data Protection Officers and GDPR Leads in Education what the most common GDPR problems they come across are, interestingly, most of the answers were the same, so we thought we would put together a list of GDPR problems and some […]
The latest position of Brexit and GDPR…
A point of viewWednesday 23rd October 2019 Following on from our latest update last week, ‘How Brexit will affect GDPR’, as always with Brexit, there is another twist in the tail. In the increasing febrile corridors of Westminster, the latest set of proposals for an orderly Brexit offer a crumb of comfort from the perspective of data protection […]
Schoolboy branded ‘Harry2’ to comply with Data Protection
A point of viewWith the ‘Harry2’ story recently hitting the headlines, we ask, how far do Schools really need to take data protection? Newhey Community Primary School have branded Harry Szlatoszlavek with a number 2 as his surname, so they can differentiate between him and another boy with the same first name. The Rochdale based Primary School says […]
Deal or No Deal; How Will Brexit Affect GDPR?
A point of viewAmong the political turmoil as we approach the deadline of the 31st October for leaving the European Union, data protection is now being mentioned. Some schools have received guidance about actions that may need to be taken. The essentials of the situation are these. Despite us having gone to considerable effort to implement GDPR and […]
Documenting Data Breaches
A point of viewDocumenting Data Breaches Why paper and spreadsheets may not be enough… A Breach Scenario You’ve experienced a breach where information was sent to the wrong person. During the investigation it became clear that the person whose data was breached was aware of it happening. You took the actions that seemed appropriate and decided that it […]
Managing Data Breaches
A point of viewData Breaches Happen How will you deal with one? Breaches come in many shapes, sizes, and severities. It’s critical to recognise that an integrity breach with a single inaccurate word can be as serious as a classic confidentiality breach. Part of your training for all staff needs to be about recognising when a data […]
Sentry System – Updates
A point of viewSummer Updates! With our brand, we didn’t want to completely change the GDPR Sentry our customers know and love, so we made some minor improvements instead, and wanted to share them with you! Can you spot any new features on our website? As well as website changes, our technical team have also been busy making […]
Appointed DPO? But How much do you really know?
A point of viewSince 2017, Schools, Trusts and Colleges have been bombarded with stories about the requirements and risks of failing to comply with GDPR. The mass of information around the internet can seem daunting even overwhelming, but we are here to help you on your journey to compliance. Any schools in state sector, including local authority nursery […]
Why Schools Should Do Their Homework Too
A point of viewWith so much confusion and little understanding around GDPR, we were always expecting some interesting headlines. This week, The BBC reported how a local authority in Sweden incurred a large fine, after trialling facial recognition on students to keep track of attendance. The Swedish Data Protection Authority (DPA) fined Skelleftea Municipality 200,000 Swedish Krona (£16,800) […]
New Term, New Data, New Risks?
A point of viewOur survey said……
A point of viewIt’s now less than four months until enforcement of the GDPR begins. You’d imagine that every now knows about the regulation even if they’re not totally clear about the impact. On Tuesday of this week (24th January), the Department for Digital, Culture, Media and Sport released some preliminary results from Cyber Security Breaches Survey. With […]
Here comes the Data Protection Bill
A point of viewOn Wednesday 17th January, the Data Protection Bill completed its journey through the House of Lords and headed back to the Commons. This means it’s heading toward the last stages before it becomes law. Over the last few weeks I’ve been asked several times what the difference is between the Bill and the GDPR, also […]
Happy New Year
A point of viewHappy New Year! Welcome in the GDPR You know what it’s like, the New Year celebrations are done and its back the realities of work. Part of that reality for 2018 is the enforcement of the GDPR that starts on the 25th May. You’re probably familiar with the basics, but just in case here is […]
GDPR Envy: Data protection across the pond
A point of viewAmong all the questions about the impact of the GDPR, it’s interesting to see another perspective on concerns about personal data. This comes from consumers in the USA, a country with some mixed attitudes toward privacy in general. From a survey conducted in September 2017, PWC have produced a report for their Consumer Intelligence Series […]
With the GDPR the Devil is in the details
A point of viewMention the UK and the EU right now you’ll almost certainly hear about Brexit. Organisations pondering life outside of the EU may be forgiven for not being totally up to date with the details of the GDPR. Take a journey back in time with me to 1963. Britain was trying to get into the six […]
Should you have a DPO?
A point of viewThe DPO, or Data Protection Officer, is a role that has been discussed at length as the GDPR has moved from concept to reality. The DPO is responsible for: Informing the organisation on its GDPR obligations Monitoring that compliance Being the first point of contact for employees and supervisory authorities Training Staff Conducting audits and […]