General Data Protection Regulations (GDPR)
The GDPR became law on the 25th May 2018
The school is working hard to ensure that all working practices relating to data protection are compliant with the new laws. Our Data Protection Officer is Nicola Cook who we are employing through the Bucks Learning Trust (BLT)
Governors set up a sub committee to look into what we needed to do, this includes:
Conducting a self-assessment of readiness for GDPR
Reviewing where all our data is stored, recording where it has come from and reviewing how data is shared
Drawing up a risk register and taking steps to mitigate risk.
Reviewing who has access to data
Reviewing all documentation from Gov.uk, Information Commissioners Office (ICO) and Information and Records Management Society (IMRS ) Toolkit
Completing an in-depth audit to be checked by our Data Protection Office (Bucks Learning Trust)
Attending training for GDPR readiness
Reissuing letters for photography permissions
Reissuing privacy notices for anyone associated with the school
Sending opt-in emails or messages for information about the school
Information sharing for parents staff, governors and parents by letter, emails or messages
Reviewing contracts with our suppliers
Reviewing policies - Data Protection, Freedom of Information, Communication, Use of photos etc
Reviewing and requesting privacy notices from all our IT providers, eg. Parent pay, IT hosting, SIMS (our school management IT system) etc.
Visitors to the school may have noticed that we have changed how we sign in visitors - so their information is not shared with those who don't need to see it.
Governors will monitor the arrangements regularly.