27 Feb 2018
sell TechnologyWebsites

On the 25th May 2018, the Data Protection Act (DPA) is going to be replaced by a new law which has been in the works for a couple of years now- The General Data Protection Regulation (GDPR). You may be asking yourself “Am I ready for this?” or “Will it apply to me?” The answer is yes. This new law is here to help protect you in various different ways.

Schools tend to already have a secure data protection policy in place so hopefully, GDPR will just be enhancing this. To be GDPR compliant, you will need to have up-to-date software to reduce the risk of a cyber attack and all IT equipment will need warranty to ensure its data is protected at a higher level than before. This will benefits schools as it will give you more control over your data. However, if cyber security is breached and personal information leaked, you may be fined £20 million or 4% of your global turnover; whichever is greater.

The way you receive consent is also going to change; with regards to your school website, you will no longer be able to collect “Cookies”  by assuming the viewers’ consent. A Cookie is a message that is sent to the web server that stores information for the next time you enter the site. E.g. remembers your language preferences or your log in information.  On your school website, you will need a Cookie Policy to explain what data will be stored if you “Opt-In” and which sections of the site will not function correctly if you “Opt-Out”. This can be done in a tick-box function to make it clear to the recipient and it will also mean they can opt-out at any given time. Another solution to this is a banner; giving you the option as soon as you enter the site to read the cookies and accept or reject them.

Ofsted will also play a major role in this as they will taking GDPR extremely seriously. Failure to comply to the new policies and procedures can impact your Ofsted Rating. You might now be asking “How do I prepare for this?” Well we have sourced a FREE eBook for you to help you get prepared for GDPR.

For more information about GDPR, you can visit the ICO website or give us a call on 01933 303520 to discuss GDPR compliance.