News & views on all things GDPR

GDPR and Genetic Testing
A point of view, Emerging Tech and Data Protection, SeriesIn the second instalment of our Emerging Tech series, we look at the development of commercial genetic testing, and the data protection implications of widespread genetic screening.
“Customers who are genetically similar to you…

What's the Deal With WhatsApp?
A point of viewWhatsApp have spent the last month putting out self-inflicted fires. After a disastrous announcement of changes to their terms of service, the company have been scrambling to convince users to stick with the app. However, even with delayed implementation…

Bringing Up Baby: Raising Biased AI
A point of view, Emerging Tech and Data Protection, SeriesAnyone involved in last year’s exam grade saga probably harbours a level of resentment against algorithms.
The government formula was designed to standardise grades across the country. Instead, it affected students disproportionately,…

Data Protection Day: Staying Alert
A point of viewToday is Data Protection Day. It's not on the front page of the papers, but you might see a little notification on the bottom of the Google Homepage.
In 2007, the Council of Europe designated January 28th Data Protection Day (or Data Privacy…

School, Interrupted: Data Protection and Mental Wellbeing
A point of viewIt has now been over a year since Chinese authorities reported the first case of Covid-19 to the World Health Organisation. This year has brought tragedy for the many people who have lost loved ones. It's also brought difficulties for all, with…

Christmas Cards Come but Once a Year
A point of viewIt has been a year of chaos. The Oxford English Dictionary usually nominate one word as ‘Word of the Year’. This year, there has been so much change that they couldn’t narrow it down to just one. “Covid-19, Lockdown, Anti-Maskers, Unmute”…

The Rise and Fall of the Privacy Shield
A point of viewThe EU-US Privacy shield, a framework designed by the U.S. Department of Commerce, and the European commission, has been struck down by the European Court of Justice (ECJ).
The framework, approved by the EU in 2016, has been at the centre…

Personal Data in the time of Covid-19
A point of viewWith more than 3,000 cases of the new coronavirus confirmed, Italy has announced that it will be shutting all schools for 10 days, to slow the spread of the disease. With cases beginning to increase in the UK, the possibility of similar action…

The Misfortunes of Misdirected Emails
A point of viewLast week, the University of East Anglia (UEA) paid out over £140,000 compensation to students affected by a 2017 data breach. An email containing information on personal issues, health problems and circumstances such as bereavement, was mistakenly…

Do Students Dream of Electric Teachers?
A point of viewLast week’s post briefly touched on how technological advances are providing new data protection challenges. Earlier this month, the 2020 Consumer Electronics Show (CES) showed the world the new smart devices we can expect to see filtering…

Your Organisation and the Prisoner of Ransomware
A point of viewWe don’t usually comment on cybersecurity stories but the breaking news of the issues at Travelex (as reported by the BBC) made me think about the potential loss of access to critical information in an educational setting.
From the…

GDPR New Year's Resolutions
A point of viewThe UK government has not had a fantastic start to the year. The New Year’s honours list, a list of individuals receiving awards on New Year’s Day, was mistakenly posted with personal contact details of over a thousand people. While the…

Has GDPR Stolen Christmas?
A point of viewThe time has come. Tinsel is up, chestnuts are roasting, and Santa is preparing his “Naughty or Nice list”. However, in this time of tradition, should we be thinking of the new data protection laws? Is St Nick in breach of the GDPR?
Well,…

AI in Education: A Brave New World?
A point of viewA report published last week by career focused social network LinkedIn, identified the “Emerging Jobs” of 2020 in the UK. The report, which can be found here, looks at the roles that are experiencing significant growth.
At number one…

How to avoid the winter blues…
A point of viewWhile the Christmas holidays are tantalisingly close, many schools are struggling with the norovirus outbreak that is sweeping across the country. It got us thinking about the way that winter can leave us feeling washed out, both physically…

Data Controllers and Data Processors; Who’s who?
A point of viewWhen you talk about data protection all day, every day, it’s easy to assume that everyone else does the same. Some of the terms and names used when referring to the new GDPR are not as clearly defined as they could be. So, this week we are…

Careless Talk Causes Breaches
A point of view
...(and can be costly too!)
GDPR is not normally associated with parties, but recently I heard the end of a conversation about an office Christmas party and it set me thinking about the impact that a misplaced sentence can have.…

How the Department for Education ran into trouble with the ICO
A point of viewBeing as clear as mud when it comes to Data Protection
A key principle of data protection is transparency. You must be upfront about what you plan to do with personal data.
A failure to be transparent has recently brought the Department…

GDPR Problems Most People Are Facing
A point of viewAre you facing the same GDPR problems as most?
We asked a number of both Data Protection Officers and GDPR Leads in Education what the most common GDPR problems they come across are, interestingly, most of the answers were the same, so we thought…

The latest position of Brexit and GDPR…
A point of viewWednesday 23rd October 2019
Following on from our latest update last week, ‘How Brexit will affect GDPR’, as always with Brexit, there is another twist in the tail.
In the increasing febrile corridors of Westminster, the latest set of…

Schoolboy branded ‘Harry2’ to comply with Data Protection
A point of viewWith the ‘Harry2’ story recently hitting the headlines, we ask, how far do Schools really need to take data protection?
Newhey Community Primary School have branded Harry Szlatoszlavek with a number 2 as his surname, so they can differentiate…

Deal or No Deal; How Will Brexit Affect GDPR?
A point of viewAmong the political turmoil as we approach the deadline of the 31st October for leaving the European Union, data protection is now being mentioned. Some schools have received guidance about actions that may need to be taken.
The essentials…

Documenting Data Breaches
A point of viewDocumenting Data Breaches
Why paper and spreadsheets may not be enough…
A Breach Scenario
You’ve experienced a breach where information was sent to the wrong person. During the investigation it became clear that the person whose…

Managing Data Breaches
A point of viewData Breaches Happen
How will you deal with one?
Breaches come in many shapes, sizes, and severities. It’s critical to recognise that an integrity breach with a single inaccurate word can be as serious as a classic confidentiality…

Sentry System - Updates
A point of view
Summer Updates!
With our brand, we didn’t want to completely change the GDPR Sentry our customers know and love, so we made some minor improvements instead, and wanted to share them with you! Can you spot any new features on our website?
As…

Appointed DPO? But How much do you really know?
A point of view
Since 2017, Schools, Trusts and Colleges have been bombarded with
stories about the requirements and risks of failing to comply with GDPR. The mass
of information around the internet can seem daunting even overwhelming, but we
are here to help…

Why Schools Should Do Their Homework Too
A point of view
With so much confusion and little understanding around GDPR, we were always expecting some interesting headlines.
This week, The BBC reported how a local authority in Sweden incurred a large fine, after trialling facial recognition…

New Term, New Data, New Risks?
A point of view
We are all guilty of shuddering a little when hearing the words ‘GDPR’, right? This is especially true when facing the beginning of the new academic year. The maze of legislation, the do’s and don’ts of data, what to do when a data…

Our survey said......
A point of viewIt's now less than four months until enforcement of the GDPR begins. You'd imagine that every now knows about the regulation even if they're not totally clear about the impact.
On Tuesday of this week (24th January), the Department for Digital,…

Here comes the Data Protection Bill
A point of viewOn Wednesday 17th January, the Data Protection Bill completed its journey through the House of Lords and headed back to the Commons. This means it’s heading toward the last stages before it becomes law.
Over the last few weeks I’ve been…

Happy New Year
A point of viewHappy New Year! Welcome in the GDPR
You know what it’s like, the New Year celebrations are done and its back the realities of work. Part of that reality for 2018 is the enforcement of the GDPR that starts on the 25th May. You’re probably…

GDPR Envy: Data protection across the pond
A point of viewAmong all the questions about the impact of the GDPR, it’s interesting to see another perspective on concerns about personal data. This comes from consumers in the USA, a country with some mixed attitudes toward privacy in general. From a…

With the GDPR the Devil is in the details
A point of viewMention the UK and the EU right now you’ll almost certainly hear about Brexit. Organisations pondering life outside of the EU may be forgiven for not being totally up to date with the details of the GDPR.
Take a journey back in time with…

Should you have a DPO?
A point of viewThe DPO, or Data Protection Officer, is a role that has been discussed at length as the GDPR has moved from concept to reality.
The DPO is responsible for:
Informing the organisation on its GDPR obligations
Monitoring that compliance
…